Request for a preventive PC check - RSIT log attached

Pitrisek
Model visitor
Posts: 149
Registered: 17 Mar 2006 11:56

#1 Post by Pitrisek »

Hello, I would like to ask for a preventive check of the RSIT log and of my PC... thanks in advance.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2018-02-07 15:30:05
Microsoft Windows 10 Home
System drive C: has 137 GB (60%) free of 228 GB
Total RAM: 16347 MB (83% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:30:09, on 07.02.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0015)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Users\Petr\AppData\Local\Akamai\netsession_win.exe
C:\Users\Petr\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files\trend micro\Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.hal3000.cz
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hal3000.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Gaijin.Net Agent] "C:\Users\Petr\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Petr\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Speccy] "C:\Program Files\Speccy\Speccy64.exe" /totray
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: Canon LBP2900 Status Window.lnk = C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\WINDOWS\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) TPM Provisioning Service - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Small Business Advantage Service (SbaService) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\SbaService.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 11808 bytes

======Listing Processes======








C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
winlogon.exe
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s SEMgrSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localservice -p -s nsi

c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem

c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
c:\windows\system32\svchost.exe -k localservice -p -s fdPHost
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s FDResPub
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s HomeGroupProvider
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
C:\WINDOWS\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
"C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\SbaService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\Origin\OriginWebHelperService.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
dashost.exe {c032ba97-8401-4ac0-874b9689e8ac83d9}
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\SPUser" -r -l 3 -p 30000 -c
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\WINDOWS\system32\CNAB4RPD.EXE
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
"C:\Users\Petr\AppData\Local\Akamai\netsession_win.exe"
"C:/Users/Petr/AppData/Local/Akamai/netsession_win.exe" --client
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --disable-gpu-compositing --no-sandbox --service-pipe-token=A37BC468DD29D738AEA7E259AC3EF0E4 --lang=en-US --lang=en-US --log-file="C:\Users\Petr\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=A37BC468DD29D738AEA7E259AC3EF0E4 --renderer-client-id=2 --mojo-platform-channel-handle=1808 /prefetch:1
c:\windows\system32\svchost.exe -k unistacksvcgroup
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
"C:\Program Files\ESET\ESET Smart Security\eOPPFrame.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe"
C:\WINDOWS\system32\svchost.exe -k SDRSVC
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1712.3351.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1672.0.590128494\1605137939" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" "C:\Users\Petr\AppData\LocalLow\Mozilla\Temp-{15e5d1b3-8444-4528-8a00-f2f454c1ffef}" 1672 "\\.\pipe\gecko-crash-server-pipe.1672" gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1672.3.655389273\1926149259" -childID 1 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|99:2|100:1|115:5000|125:0|127:0|138:10000|150:-1|158:24|159:32768|161:0|162:0|170:5|174:1048576|175:100|176:5000|178:600|180:1|188:20|191:4|195:0|204:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:0|85:0|86:0|88:0|89:0|90:1|91:1|92:1|95:1|96:0|98:0|101:1|102:0|109:0|114:0|117:1|120:1|122:1|126:0|129:1|132:1|133:1|139:1|140:0|141:1|143:0|149:0|151:1|152:0|153:1|156:0|157:0|160:1|163:0|165:1|167:1|168:0|177:1|182:0|183:0|184:0|185:1|186:0|187:0|189:1|190:1|193:0|196:0|197:0|198:1|199:1|200:0|201:1|202:1|203:1|205:0|206:0|208:0|217:1|218:1|219:0|220:0|221:0| -stringPrefs "3:7;release|97:0;|142:3;1.0|154:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|155:4;high|192:38;{15e5d1b3-8444-4528-8a00-f2f454c1ffef}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 1672 "\\.\pipe\gecko-crash-server-pipe.1672" tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1672.13.2118437593\2109210233" -childID 2 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|99:2|100:1|115:5000|125:0|127:0|138:10000|150:-1|158:24|159:32768|161:0|162:0|170:5|174:1048576|175:100|176:5000|178:600|180:1|188:20|191:4|195:0|204:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:0|85:0|86:0|88:0|89:0|90:1|91:1|92:1|95:1|96:0|98:0|101:1|102:0|109:0|114:0|117:1|120:1|122:1|126:0|129:1|132:1|133:1|139:1|140:0|141:1|143:0|149:0|151:1|152:0|153:1|156:0|157:0|160:1|163:0|165:1|167:1|168:0|177:1|182:0|183:0|184:0|185:1|186:0|187:0|189:1|190:1|193:0|196:0|197:0|198:1|199:1|200:0|201:1|202:1|203:1|205:0|206:0|208:0|217:1|218:1|219:0|220:0|221:0| -stringPrefs "3:7;release|97:0;|142:3;1.0|154:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|155:4;high|192:38;{15e5d1b3-8444-4528-8a00-f2f454c1ffef}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 1672 "\\.\pipe\gecko-crash-server-pipe.1672" tab
c:\windows\system32\svchost.exe -k localservicepeernet -s p2pimsvc
c:\windows\system32\svchost.exe -k localservicepeernet -s PNRPsvc
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1672.104.444951828\629146635" -childID 15 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|99:2|100:1|115:5000|125:0|127:0|138:10000|150:-1|158:24|159:32768|161:0|162:0|170:5|174:1048576|175:100|176:5000|178:600|180:1|188:20|191:4|195:0|204:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:0|85:0|86:0|88:0|89:0|90:1|91:1|92:1|95:1|96:0|98:0|101:1|102:0|109:0|114:0|117:1|120:1|122:1|126:0|129:1|132:1|133:1|139:1|140:0|141:1|143:0|149:0|151:1|152:0|153:1|156:0|157:0|160:1|163:0|165:1|167:1|168:0|177:1|182:0|183:0|184:0|185:1|186:0|187:0|189:1|190:1|193:0|196:0|197:0|198:1|199:1|200:0|201:1|202:1|203:1|205:0|206:0|208:0|217:1|218:1|219:0|220:0|221:0| -stringPrefs "3:7;release|97:0;|142:3;1.0|154:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|155:4;high|192:38;{15e5d1b3-8444-4528-8a00-f2f454c1ffef}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 1672 "\\.\pipe\gecko-crash-server-pipe.1672" tab

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 740 744 752 8192 748
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x684
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
"C:\Users\Petr\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\e3w6mfl0.default

prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz."

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 28.0.0.161 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.3.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.161.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.161.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=D:\Program Files 2\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 28.0.0.161 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll


C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\e3w6mfl0.default\searchplugins\
amazon.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-02-06 207024]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-24 474688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-24 188992]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"egui"=C:\Program Files\ESET\ESET Smart Security\ecmds.exe [2017-12-18 324352]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2018-01-24 9235936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Gaijin.Net Agent"=C:\Users\Petr\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2018-01-25 2116168]
"Akamai NetSession Interface"=C:\Users\Petr\AppData\Local\Akamai\netsession_win.exe [2017-09-08 4490200]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2018-01-09 10257872]
"Speccy"=C:\Program Files\Speccy\Speccy64.exe [2017-06-27 6955224]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-12-19 587288]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Canon LBP2900 Status Window.lnk - C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-02-07 15:30:05 ----D---- C:\rsit
2018-02-07 15:30:05 ----D---- C:\Program Files\trend micro
2018-02-07 11:55:09 ----D---- C:\ProgramData\ESET
2018-02-07 11:55:09 ----D---- C:\Program Files\ESET
2018-02-07 11:55:02 ----SHD---- C:\Config.Msi
2018-01-28 00:21:07 ----D---- C:\Program Files\Nexus Mod Manager
2018-01-26 14:20:29 ----D---- C:\Program Files (x86)\Origin Games
2018-01-24 16:54:32 ----D---- C:\Users\Petr\AppData\Roaming\Intel
2018-01-24 16:44:08 ----D---- C:\WINDOWS\system32\DAX3
2018-01-24 16:44:08 ----D---- C:\WINDOWS\system32\DAX2
2018-01-24 16:44:04 ----D---- C:\Program Files\Realtek
2018-01-24 16:43:49 ----A---- C:\WINDOWS\SYSWOW64\SRCOM.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\SYSWOW64\SFCOM.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\YamahaAE2.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\YamahaAE.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\tossaemaxapo64.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\tossaeapo64.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\toseaeapo64.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\tosasfapo64.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\tosade.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\tepeqapo64.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\tadefxapo264.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\tadefxapo.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\SRSWOW64.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\SRSTSX64.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\SRSTSH64.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\SRSHP64.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\SRRPTR64.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\SRCOM64.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\SRCOM.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\SRAPO64.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\sltech64.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\slprp64.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\slcnt64.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\sl3apo64.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\SFSS_APO.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\SFNHK64.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\SFCOM64.dll
2018-01-24 16:43:49 ----A---- C:\WINDOWS\system32\SFAPO64.dll
2018-01-24 16:43:48 ----A---- C:\WINDOWS\SYSWOW64\SEHDHF32.dll
2018-01-24 16:43:48 ----A---- C:\WINDOWS\SYSWOW64\SECOMN32.dll
2018-01-24 16:43:48 ----A---- C:\WINDOWS\SYSWOW64\RltkAPO.dll
2018-01-24 16:43:48 ----A---- C:\WINDOWS\system32\SEHDRA64.dll
2018-01-24 16:43:48 ----A---- C:\WINDOWS\system32\SEHDHF64.dll
2018-01-24 16:43:48 ----A---- C:\WINDOWS\system32\SECOMN64.dll
2018-01-24 16:43:48 ----A---- C:\WINDOWS\system32\SEAPO64.dll
2018-01-24 16:43:48 ----A---- C:\WINDOWS\system32\RtPgEx64.dll
2018-01-24 16:43:48 ----A---- C:\WINDOWS\system32\RtlCPAPI64.dll
2018-01-24 16:43:48 ----A---- C:\WINDOWS\system32\RtkCoLDR64.dll
2018-01-24 16:43:48 ----A---- C:\WINDOWS\system32\RtkCfg64.dll
2018-01-24 16:43:48 ----A---- C:\WINDOWS\system32\RtkApi64.dll
2018-01-24 16:43:48 ----A---- C:\WINDOWS\system32\RTEEP64A.dll
2018-01-24 16:43:48 ----A---- C:\WINDOWS\system32\RTEEL64A.dll
2018-01-24 16:43:48 ----A---- C:\WINDOWS\system32\RTEEG64A.dll
2018-01-24 16:43:48 ----A---- C:\WINDOWS\system32\RTEED64A.dll
2018-01-24 16:43:48 ----A---- C:\WINDOWS\system32\RtDataProc64.dll
2018-01-24 16:43:48 ----A---- C:\WINDOWS\system32\RTCOM64.dll
2018-01-24 16:43:48 ----A---- C:\WINDOWS\system32\RP3DHT64.dll
2018-01-24 16:43:48 ----A---- C:\WINDOWS\system32\RP3DAA64.dll
2018-01-24 16:43:48 ----A---- C:\WINDOWS\system32\RltkAPO64.dll
2018-01-24 16:43:48 ----A---- C:\WINDOWS\system32\drivers\rtvienna.dat
2018-01-24 16:43:48 ----A---- C:\WINDOWS\system32\drivers\RTKVHD64.sys
2018-01-24 16:43:48 ----A---- C:\WINDOWS\system32\drivers\RTAIODAT.DAT
2018-01-24 16:43:47 ----A---- C:\WINDOWS\system32\RCoRes64.dat
2018-01-24 16:43:47 ----A---- C:\WINDOWS\system32\RCoInstII64.dll
2018-01-24 16:43:47 ----A---- C:\WINDOWS\system32\R4EEP64A.dll
2018-01-24 16:43:47 ----A---- C:\WINDOWS\system32\R4EEL64A.dll
2018-01-24 16:43:47 ----A---- C:\WINDOWS\system32\R4EEG64A.dll
2018-01-24 16:43:47 ----A---- C:\WINDOWS\system32\R4EED64A.dll
2018-01-24 16:43:47 ----A---- C:\WINDOWS\system32\R4EEA64A.dll
2018-01-24 16:43:47 ----A---- C:\WINDOWS\system32\ICEsoundAPO64.dll
2018-01-24 16:43:47 ----A---- C:\WINDOWS\system32\HMUI.dll
2018-01-24 16:43:47 ----A---- C:\WINDOWS\system32\HMLimiter.dll
2018-01-24 16:43:47 ----A---- C:\WINDOWS\system32\HMHVS.dll
2018-01-24 16:43:47 ----A---- C:\WINDOWS\system32\HMEQ_Voice.dll
2018-01-24 16:43:47 ----A---- C:\WINDOWS\system32\HMEQ.dll
2018-01-24 16:43:47 ----A---- C:\WINDOWS\system32\HMClariFi.dll
2018-01-24 16:43:47 ----A---- C:\WINDOWS\system32\HMAPO.dll
2018-01-24 16:43:47 ----A---- C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
2018-01-24 16:43:47 ----A---- C:\WINDOWS\system32\HiFiDAX2API.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\HarmanAudioInterface.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DTSLimiterDLL64.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DTSLFXAPO64.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DTSGFXAPONS64.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DTSGFXAPO64.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DTSBoostDLL64.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DDPP64AF3.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DDPP64A.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DDPO64AF3.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DDPO64A.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DDPD64AF3.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DDPD64A.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DDPA64F3.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DDPA64.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DAX3APOv251.dll
2018-01-24 16:43:45 ----A---- C:\WINDOWS\system32\DAX3APOProp.dll
2018-01-24 16:43:44 ----A---- C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2018-01-24 16:43:44 ----A---- C:\WINDOWS\system32\audioLibVc.dll
2018-01-24 16:43:44 ----A---- C:\WINDOWS\system32\AcpiServiceVnA64.dll
2018-01-24 16:43:39 ----A---- C:\WINDOWS\RtlExUpd.dll
2018-01-24 07:56:39 ----D---- C:\ProgramData\Intel(R) Update Manager
2018-01-19 16:46:47 ----D---- C:\Program Files\Speccy
2018-01-19 16:45:59 ----D---- C:\Program Files\Recuva
2018-01-19 16:45:30 ----D---- C:\Program Files\CCleaner

======List of files/folders modified in the last 1 month======

2018-02-07 15:30:05 ----RD---- C:\Program Files
2018-02-07 15:22:33 ----D---- C:\WINDOWS\Temp
2018-02-07 14:31:00 ----D---- C:\WINDOWS\system32\sru
2018-02-07 13:48:04 ----D---- C:\WINDOWS\system32\SleepStudy
2018-02-07 13:33:43 ----D---- C:\WINDOWS\Logs
2018-02-07 13:33:42 ----D---- C:\WINDOWS\Prefetch
2018-02-07 12:36:04 ----D---- C:\WINDOWS\System32
2018-02-07 12:36:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-07 12:29:39 ----D---- C:\WINDOWS\system32\Tasks
2018-02-07 12:29:17 ----D---- C:\ProgramData\NVIDIA
2018-02-07 12:29:15 ----D---- C:\WINDOWS\system32\LogFiles
2018-02-07 12:29:10 ----D---- C:\Windows
2018-02-07 12:29:10 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-07 12:29:10 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2018-02-07 12:28:49 ----D---- C:\WINDOWS\system32\catroot2
2018-02-07 11:59:48 ----RD---- C:\WINDOWS\Microsoft.NET
2018-02-07 11:55:55 ----D---- C:\WINDOWS\INF
2018-02-07 11:55:21 ----SHD---- C:\WINDOWS\Installer
2018-02-07 11:55:19 ----D---- C:\WINDOWS\system32\DriverStore
2018-02-07 11:55:19 ----D---- C:\WINDOWS\system32\drivers
2018-02-07 11:55:09 ----HD---- C:\ProgramData
2018-02-07 11:54:31 ----SHD---- C:\System Volume Information
2018-02-07 09:31:29 ----HD---- C:\Program Files\WindowsApps
2018-02-07 09:30:41 ----D---- C:\WINDOWS\AppReadiness
2018-02-07 09:27:53 ----D---- C:\WINDOWS\SoftwareDistribution
2018-02-06 21:38:28 ----D---- C:\Program Files (x86)\Steam
2018-02-06 15:30:47 ----D---- C:\WINDOWS\SysWOW64
2018-02-06 15:30:43 ----D---- C:\WINDOWS\system32\Macromed
2018-02-06 15:30:41 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2018-02-06 10:09:12 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-02-06 10:09:03 ----D---- C:\Program Files (x86)\Common Files
2018-02-06 10:08:45 ----AD---- C:\Program Files (x86)\Microsoft Office
2018-01-28 10:34:53 ----AD---- C:\Program Files (x86)\Battle.net
2018-01-26 14:25:07 ----D---- C:\ProgramData\Origin
2018-01-26 14:20:50 ----D---- C:\Users\Petr\AppData\Roaming\Origin
2018-01-26 14:20:29 ----RD---- C:\Program Files (x86)
2018-01-25 19:35:41 ----D---- C:\Users\Petr\AppData\Roaming\TS3Client
2018-01-24 16:58:09 ----D---- C:\Program Files (x86)\Intel
2018-01-24 16:58:06 ----D---- C:\ProgramData\Package Cache
2018-01-24 16:47:13 ----HD---- C:\Program Files (x86)\Temp
2018-01-24 16:44:23 ----D---- C:\WINDOWS\DeliveryOptimization
2018-01-24 16:44:04 ----D---- C:\WINDOWS\SYSWOW64\RTCOM
2018-01-24 16:42:40 ----D---- C:\WINDOWS\system32\CatRoot
2018-01-24 16:38:00 ----D---- C:\ProgramData\Intel
2018-01-24 16:37:56 ----D---- C:\Program Files\Intel
2018-01-24 16:37:48 ----D---- C:\WINDOWS\SYSWOW64\drivers
2018-01-24 07:52:37 ----D---- C:\ProgramData\Oracle
2018-01-24 07:52:32 ----D---- C:\Program Files (x86)\Java
2018-01-24 07:52:04 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2018-01-21 17:44:06 ----D---- C:\WINDOWS\system32\config
2018-01-20 19:57:04 ----D---- C:\WINDOWS\WinSxS
2018-01-20 14:21:21 ----RSD---- C:\WINDOWS\assembly
2018-01-19 13:25:36 ----D---- C:\ProgramData\Autodesk
2018-01-19 13:22:48 ----D---- C:\Program Files (x86)\Google
2018-01-19 13:13:36 ----D---- C:\Program Files\Common Files\Autodesk Shared
2018-01-19 13:13:33 ----D---- C:\Program Files\Common Files
2018-01-19 13:13:21 ----RSD---- C:\WINDOWS\Fonts
2018-01-19 13:08:03 ----D---- C:\Users\Petr\AppData\Roaming\Autodesk
2018-01-19 12:51:01 ----D---- C:\ProgramData\Electronic Arts
2018-01-10 22:03:48 ----D---- C:\WINDOWS\debug
2018-01-10 16:18:39 ----D---- C:\WINDOWS\system32\MRT
2018-01-10 16:17:02 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-10 16:16:59 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-01-10 16:16:46 ----D---- C:\WINDOWS\CbsTemp
2018-01-09 17:10:48 ----D---- C:\Users\Petr\AppData\Roaming\discord
2018-01-08 18:47:20 ----D---- C:\WINDOWS\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2018-01-19 107328]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-01-01 59800]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2018-01-19 134368]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2018-01-19 180088]
R1 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2018-01-19 81880]
R1 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2018-01-19 106304]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-09-29 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-09-29 8192]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-01-01 385024]
R2 ekbdflt;ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [2018-01-19 50744]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-09-29 43520]
R2 npf;NetGroup Packet Filter Driver; \??\C:\Windows\system32\drivers\npf.sys [2017-01-03 36600]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2017-09-29 79872]
R3 iaLPSS2_GPIO2;@oem35.inf,%iaLPSS2_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [2016-08-29 89912]
R3 iaLPSS2_I2C;@oem36.inf,%iaLPSS2_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_I2C.sys [2016-08-29 184632]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2018-01-24 6038440]
R3 MEIx64;@oem3.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2017-07-27 206496]
R3 NVHDA;@oem9.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2017-11-14 225208]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c791f781cd94491f\nvlddmkm.sys [2017-11-15 16989296]
R3 nvvad_WaveExtensible;@oem0.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-10-11 50624]
R3 nvvhci;@oem12.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2017-11-16 57792]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2017-09-29 604160]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2017-10-21 15392]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-09-29 123800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-09-29 103320]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-09-29 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-09-29 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2017-10-25 45464]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-29 39424]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-09-29 122368]
S3 dg_ssudbus;@oem20.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-09-29 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-09-29 50584]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-09-29 73112]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-09-29 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-09-29 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-09-29 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-09-29 119808]
S3 Ke2200;NDIS Miniport Driver for Killer e2201/e2202 PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\e22w8x64.sys [2015-09-03 157752]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-09-29 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-09-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-11-16 30144]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\WINDOWS\System32\drivers\nvstusb.sys [2016-10-01 469568]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-09-29 936856]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-09-30 56216]
S3 ssudmdm;@oem24.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CDPUserSvc_43e04;CDPUserSvc_43e04; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2018-01-30 7968432]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2017-12-18 1940584]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2017-09-25 197264]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2017-09-25 419984]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-16 519104]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-11-14 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-11-16 460736]
R2 OneSyncSvc_43e04;OneSyncSvc_43e04; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2017-12-19 3025224]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2017-08-24 76152]
R2 SbaService;Intel(R) Small Business Advantage Service; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\SbaService.exe [2015-10-14 26296]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-01-01 519152]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 PimIndexMaintenanceSvc_43e04;PimIndexMaintenanceSvc_43e04; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 Intel(R) TPM Provisioning Service;Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [2017-09-21 668472]
S2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-06 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-12-14 6979080]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc_43e04;DevicesFlowUserSvc_43e04; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-09-29 85504]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 EasyAntiCheat;EasyAntiCheat; C:\WINDOWS\system32\EasyAntiCheat.exe []
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-11-01 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2017-09-21 742704]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-05-29 177288]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService_43e04;MessagingService_43e04; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-01-29 194512]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-16 519104]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2017-12-19 2155328]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-01-30 208560]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc_43e04;PrintWorkflowUserSvc_43e04; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-09-29 1288704]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-01-01 956416]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-12-15 1644832]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]

-----------------EOF-----------------

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Request for a preventive PC check - RSIT log attached

#2 Post by Conder »

Hi :)

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Scan (Skenovanie) and wait for it to finish
  • Click Clean (Cistenie) and confirm by clicking OK
  • AdwCleaner will ask to restart the PC; confirm by clicking Restart Now (Restartovat teraz)
  • After it finishes and the PC has restarted, a log will pop up; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping a backup of important data (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise you risk damaging the system or losing data.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

Pitrisek
Model visitor
Posts: 149
Registered: 17 Mar 2006 11:56

Re: Request for a preventive PC check - RSIT log attached

#3 Post by Pitrisek »

Hi, I'm attaching the log from AdwCleaner:

# AdwCleaner 7.0.7.0 - Logfile created on Thu Feb 08 10:20:32 2018
# Updated on 2018/18/01 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Program Files (x86)\Amazon Browser Settings
Deleted: C:\Users\Petr\AppData\Local\Amazon Browser Settings


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: DistromaticSearchProtect-logon
Deleted: DistromaticUpdater-periodic
Deleted: DistromaticSearchProtect-hourly
Deleted: DistromaticUpdater-logon


***** [ Registry ] *****

Deleted: [Key] - HKU\S-1-5-21-760769228-1290641064-2046472209-1001\Software\distromatic
Deleted: [Key] - HKCU\Software\distromatic
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Amazon Assistant


***** [ Firefox (and derivatives) ] *****

Plugin deleted: __MSG_appName__ -


***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1523 B] - [2018/2/8 10:18:40]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Request for a preventive PC check - RSIT log attached

#4 Post by Conder »

:arrow: Please post the FRST logs following this guide (paste both logs here): https://forum.viry.cz/viewtopic.php?f=13&t=152707

:arrow: If FRSTLauncher cannot be downloaded or run, use FRST on its own.

Pitrisek
Model visitor
Posts: 149
Registered: 17 Mar 2006 11:56

Re: Request for a preventive PC check - RSIT log attached

#5 Post by Pitrisek »

Hi, I did manage to download FRSTLauncher, but unfortunately it would not run; it reports that I should download the version for my PC.
I'm pasting both FRST logs:
FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08.02.2018
Ran by Petr (administrator) on DESKTOP-HT5L342 (09-02-2018 11:34:00)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: defaultuser0 & Petr)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\SbaService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(CANON INC.) C:\Windows\System32\CNAB4RPD.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Akamai Technologies, Inc.) C:\Users\Petr\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Petr\AppData\Local\Akamai\netsession_win.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.15711.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1712.3351.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\ui\updateui.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\Music.UI.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\eOPPFrame.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmds.exe [324352 2017-12-18] (ESET)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2018-01-24] (Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\Run: [Gaijin.Net Agent] => C:\Users\Petr\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2116168 2018-01-25] (Gaijin Entertainment)
HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Petr\AppData\Local\Akamai\netsession_win.exe [4490200 2017-09-08] (Akamai Technologies, Inc.)
HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10257872 2018-01-09] (Piriform Ltd)
HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\Run: [Speccy] => C:\Program Files\Speccy\Speccy64.exe [6955224 2017-06-27] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP2900 Status Window.lnk [2017-05-09]
ShortcutTarget: Canon LBP2900 Status Window.lnk -> C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE (CANON INC.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{be41ca76-b279-4b62-80e4-4db2b8a78738}: [DhcpNameServer] 10.0.0.1

Internet Explorer:
==================
HKU\S-1-5-21-760769228-1290641064-2046472209-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hal3000.cz/
HKU\S-1-5-21-760769228-1290641064-2046472209-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.hal3000.cz
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-02-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-24] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-24] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: e3w6mfl0.default
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\e3w6mfl0.default [2018-02-09]
FF Homepage: Mozilla\Firefox\Profiles\e3w6mfl0.default -> hxxps://www.seznam.cz.
FF NewTab: Mozilla\Firefox\Profiles\e3w6mfl0.default -> hxxps://www.amazon.com/gp/bit/amazonserp/ref=bi ... 0_CZ_ff_nt_
FF Extension: (Amazon Assistant for Firefox) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\e3w6mfl0.default\Extensions\abb@amazon.com.xpi [2017-11-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-06] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-06] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-20] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-11-14] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\Program Files 2\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-760769228-1290641064-2046472209-1001: @my.com/Games -> C:\Users\Petr\AppData\Local\MyComGames\NPMyComDetector.dll [2017-04-11] (MY.COM B.V.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6979080 2017-12-14] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7968432 2018-01-30] (Microsoft Corporation)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [383016 2017-12-08] (EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1940584 2017-12-18] (ESET)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-09-21] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-09-21] (Intel(R) Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177288 2015-05-29] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [197264 2017-09-25] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2155328 2017-12-19] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3025224 2017-12-19] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2017-08-24] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2017-12-10] ()
R2 SbaService; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\SbaService.exe [26296 2015-10-14] (Intel Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 cpuz143; C:\Users\Petr\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [48952 2018-02-08] (CPUID) <==== ATTENTION
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [134368 2018-01-19] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107328 2018-01-19] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15392 2017-10-21] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180088 2018-01-19] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50744 2018-01-19] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81880 2018-01-19] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [106304 2018-01-19] (ESET)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [89912 2016-08-29] (Intel Corporation)
S3 Ke2200; C:\WINDOWS\System32\drivers\e22w8x64.sys [157752 2015-09-03] (Qualcomm Atheros, Inc.)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-01-03] (Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c791f781cd94491f\nvlddmkm.sys [16989296 2017-11-15] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-11-16] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-09 11:34 - 2018-02-09 11:34 - 000015598 _____ C:\Users\Petr\Desktop\FRST.txt
2018-02-09 11:30 - 2018-02-09 11:30 - 000000000 _____ C:\Users\Petr\Desktop\FRSTLauncher.exe
2018-02-09 11:27 - 2018-02-09 11:34 - 000000000 ____D C:\FRST
2018-02-09 11:06 - 2018-02-09 11:06 - 002401792 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2018-02-08 11:21 - 2018-02-08 11:21 - 000001536 _____ C:\Users\Petr\Desktop\AdwCleaner[C0].txt
2018-02-08 11:19 - 2018-02-08 11:19 - 000001523 _____ C:\Users\Petr\Desktop\AdwCleaner[S0].txt
2018-02-08 11:17 - 2018-02-08 11:20 - 000000000 ____D C:\AdwCleaner
2018-02-08 11:14 - 2018-02-08 11:14 - 008206624 _____ (Malwarebytes) C:\Users\Petr\Desktop\adwcleaner_7.0.7.0.exe
2018-02-07 15:30 - 2018-02-07 15:30 - 000000000 ____D C:\rsit
2018-02-07 15:30 - 2018-02-07 15:30 - 000000000 ____D C:\Program Files\trend micro
2018-02-07 15:29 - 2018-02-07 15:20 - 001222144 _____ C:\Users\Petr\Desktop\RSITx64.exe
2018-02-07 11:55 - 2018-02-07 11:55 - 000002070 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2018-02-07 11:55 - 2018-02-07 11:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-02-07 11:55 - 2018-02-07 11:55 - 000000000 ____D C:\ProgramData\ESET
2018-02-07 11:55 - 2018-02-07 11:55 - 000000000 ____D C:\Program Files\ESET
2018-02-06 15:20 - 2018-02-06 15:20 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-01-28 18:34 - 2018-01-28 18:34 - 000000000 ____D C:\Users\Petr\Desktop\Prace
2018-01-28 00:21 - 2018-01-28 00:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2018-01-28 00:21 - 2018-01-28 00:21 - 000000000 ____D C:\Program Files\Nexus Mod Manager
2018-01-26 14:20 - 2018-01-26 14:20 - 000000000 ____D C:\Program Files (x86)\Origin Games
2018-01-24 16:54 - 2018-02-07 17:02 - 000000000 ____D C:\Users\Petr\AppData\Local\sba
2018-01-24 16:54 - 2018-01-24 16:54 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Intel
2018-01-24 16:44 - 2018-01-24 16:44 - 000000000 ____D C:\WINDOWS\system32\DAX3
2018-01-24 16:44 - 2018-01-24 16:44 - 000000000 ____D C:\WINDOWS\system32\DAX2
2018-01-24 16:44 - 2018-01-24 16:44 - 000000000 ____D C:\Program Files\Realtek
2018-01-24 16:43 - 2018-01-24 16:41 - 072520704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2018-01-24 16:43 - 2018-01-24 16:41 - 014964257 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2018-01-24 16:43 - 2018-01-24 16:41 - 007172904 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 006038440 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2018-01-24 16:43 - 2018-01-24 16:41 - 005804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2018-01-24 16:43 - 2018-01-24 16:41 - 003677152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2018-01-24 16:43 - 2018-01-24 16:41 - 003562432 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 003509192 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 003410320 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 003299816 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 003205600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 003135776 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 003121112 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 002922976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 002190976 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 001435136 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 001382232 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 001351232 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 001337632 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 001016928 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000986992 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000965016 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000877424 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000873456 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000868176 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000866632 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000852128 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000737960 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000691672 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000680544 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000604792 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000526280 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000467152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000447712 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000447176 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000416504 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000406448 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000387304 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000381400 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000378376 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000366112 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000360336 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000341144 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000341144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000258856 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000231912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000221960 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000214824 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000209528 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000203832 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000190928 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000190928 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000179592 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000158688 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000151784 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000134192 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000110976 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000090912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000088312 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000084608 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000083616 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000075536 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 007096184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 006264632 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 005346984 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 002839488 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 002444680 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 001965808 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 001959592 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 001780608 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 001591056 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 001544248 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 001508928 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 001372384 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 001259720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 001159176 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000743960 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000727432 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000708304 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000504296 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000445392 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000441264 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000362048 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000327448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000310416 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000272712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000253896 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000253856 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000252872 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000154360 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000122312 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000118584 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000105304 _____ C:\WINDOWS\system32\audioLibVc.dll
2018-01-24 16:38 - 2018-01-24 16:58 - 000003738 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2018-01-24 16:37 - 2018-01-24 16:37 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Intel
2018-01-24 16:35 - 2018-01-24 16:35 - 000000000 ____D C:\Users\Petr\Intel
2018-01-24 07:56 - 2018-01-24 14:59 - 000003834 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2018-01-24 07:56 - 2018-01-24 07:56 - 000003604 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2018-01-24 07:56 - 2018-01-24 07:56 - 000001359 _____ C:\Users\Public\Desktop\Small Business Advantage.lnk
2018-01-24 07:56 - 2018-01-24 07:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-01-24 07:56 - 2018-01-24 07:56 - 000000000 ____D C:\ProgramData\Intel(R) Update Manager
2018-01-20 15:55 - 2018-01-20 15:55 - 000000000 ____D C:\Users\Petr\Desktop\PC
2018-01-19 16:46 - 2018-01-19 16:48 - 000000000 ____D C:\Program Files\Speccy
2018-01-19 16:46 - 2018-01-19 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2018-01-19 16:45 - 2018-02-06 15:20 - 000000000 ____D C:\Program Files\CCleaner
2018-01-19 16:45 - 2018-01-20 15:56 - 000000000 ____D C:\Program Files\Recuva
2018-01-19 16:45 - 2018-01-19 16:45 - 000002868 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-01-19 16:45 - 2018-01-19 16:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2018-01-19 16:45 - 2018-01-19 16:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-01-19 12:51 - 2018-01-19 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-01-13 12:43 - 2018-01-13 12:43 - 000000000 ____D C:\Users\Petr\AppData\Local\Nexus
2018-01-11 21:07 - 2018-01-11 21:07 - 000000000 ____D C:\Users\Petr\AppData\Local\LOOT

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-09 11:03 - 2016-12-21 10:23 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Mozilla
2018-02-09 10:45 - 2017-11-02 15:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-09 10:08 - 2017-11-02 15:30 - 000004208 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0168F5E8-EA3A-41FF-8341-6C0993646D71}
2018-02-09 10:08 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-09 10:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-09 10:04 - 2017-04-20 14:11 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-08 22:30 - 2017-01-08 17:43 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2018-02-08 22:30 - 2016-09-13 17:44 - 000000000 ____D C:\Program Files (x86)\Steam
2018-02-08 18:01 - 2016-12-24 10:39 - 000280856 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2018-02-08 18:01 - 2016-12-23 10:35 - 000280856 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2018-02-08 11:27 - 2017-11-02 15:35 - 002313362 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-08 11:27 - 2017-09-30 15:31 - 001024480 _____ C:\WINDOWS\system32\perfh005.dat
2018-02-08 11:27 - 2017-09-30 15:31 - 000234516 _____ C:\WINDOWS\system32\perfc005.dat
2018-02-08 11:21 - 2017-11-02 15:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-08 11:20 - 2017-09-29 09:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-02-08 11:20 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-02-07 20:39 - 2017-03-12 22:09 - 000811760 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2018-02-07 17:03 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-02-07 12:29 - 2017-05-06 11:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-02-07 12:29 - 2016-12-21 10:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-07 09:29 - 2017-11-02 15:27 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2018-02-06 15:30 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-02-06 15:30 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-02-06 10:09 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-02-06 10:08 - 2016-12-21 12:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-02-01 06:43 - 2017-11-02 15:30 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-760769228-1290641064-2046472209-1001
2018-02-01 06:43 - 2016-12-02 12:53 - 000002384 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-02-01 06:43 - 2016-12-02 12:53 - 000000000 ___RD C:\Users\Petr\OneDrive
2018-01-30 14:08 - 2016-12-21 19:19 - 000000000 ____D C:\Users\Petr\Desktop\HRY
2018-01-29 19:08 - 2016-12-21 10:23 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-01-28 10:34 - 2017-05-18 14:22 - 000000000 ____D C:\Users\Petr\AppData\Local\Battle.net
2018-01-28 10:34 - 2016-09-13 17:46 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-01-28 01:05 - 2016-12-28 06:25 - 000000000 ____D C:\Users\Petr\AppData\Local\Fallout4
2018-01-28 00:21 - 2016-12-23 08:47 - 000000000 ____D C:\Users\Petr\AppData\Local\Black_Tree_Gaming
2018-01-26 14:25 - 2016-09-13 17:44 - 000000000 ____D C:\ProgramData\Origin
2018-01-26 14:20 - 2017-01-12 15:51 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Origin
2018-01-25 19:35 - 2017-04-20 16:48 - 000000000 ____D C:\Users\Petr\AppData\Roaming\TS3Client
2018-01-25 16:51 - 2017-11-14 14:34 - 000000000 ____D C:\Users\Petr\AppData\Local\Akamai
2018-01-24 16:58 - 2016-11-07 18:26 - 000000000 ____D C:\Program Files (x86)\Intel
2018-01-24 16:58 - 2016-09-13 17:43 - 000000000 ____D C:\ProgramData\Package Cache
2018-01-24 16:47 - 2016-11-07 18:12 - 000000000 ___HD C:\Program Files (x86)\Temp
2018-01-24 16:44 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-01-24 16:44 - 2017-04-20 14:11 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-01-24 16:38 - 2016-11-07 18:26 - 000000000 ____D C:\ProgramData\Intel
2018-01-24 16:37 - 2016-11-07 18:25 - 000000000 ____D C:\Program Files\Intel
2018-01-24 16:35 - 2017-11-02 15:27 - 000000000 ____D C:\Users\Petr
2018-01-24 07:52 - 2017-04-22 10:32 - 000097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-01-24 07:52 - 2017-04-22 10:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-01-24 07:52 - 2017-04-22 10:31 - 000000000 ____D C:\Program Files (x86)\Java
2018-01-24 07:52 - 2017-01-07 11:38 - 000000000 ____D C:\ProgramData\Oracle
2018-01-20 15:56 - 2017-01-25 16:55 - 000000000 ____D C:\Users\Petr\Desktop\Stahovani Filmy ...atd
2018-01-19 15:32 - 2017-11-01 20:51 - 000134368 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2018-01-19 15:32 - 2017-11-01 20:51 - 000106304 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2018-01-19 15:31 - 2017-11-01 20:51 - 000180088 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2018-01-19 15:31 - 2017-11-01 20:51 - 000107328 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2018-01-19 15:31 - 2017-11-01 20:51 - 000081880 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2018-01-19 15:31 - 2017-11-01 20:51 - 000050744 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2018-01-19 13:33 - 2017-11-14 15:25 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2018-01-19 13:28 - 2017-11-02 15:25 - 000430928 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-19 13:25 - 2017-11-14 14:36 - 000000000 ____D C:\ProgramData\Autodesk
2018-01-19 13:22 - 2017-07-11 17:07 - 000000000 ____D C:\Users\Petr\AppData\Local\Google
2018-01-19 13:22 - 2017-07-11 17:07 - 000000000 ____D C:\Program Files (x86)\Google
2018-01-19 13:14 - 2017-02-23 16:44 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spencer Sharkey
2018-01-19 13:13 - 2017-11-14 14:45 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared
2018-01-19 13:08 - 2017-11-14 15:00 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Autodesk
2018-01-19 12:51 - 2016-09-13 17:44 - 000000000 ____D C:\ProgramData\Electronic Arts
2018-01-10 16:18 - 2016-12-21 10:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-10 16:17 - 2017-10-11 18:34 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-10 16:16 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-10 16:16 - 2016-12-21 10:24 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-10 16:09 - 2016-12-23 08:38 - 000000000 ____D C:\Users\Petr\AppData\Local\Skyrim

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-05 13:22

==================== End of FRST.txt ============================

Pitrisek
Exemplary visitor
Posts: 149
Registered: 17 Mar 2006 11:56

Re: Request for a preventive PC check - RSIT log attached

#6 Post by Pitrisek »

Now the Addition log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08.02.2018
Ran by Petr (09-02-2018 11:34:22)
Running from C:\Users\Petr\Desktop
Windows 10 Home Version 1709 16299.192 (X64) (2017-11-02 14:32:23)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-760769228-1290641064-2046472209-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-760769228-1290641064-2046472209-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-760769228-1290641064-2046472209-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-760769228-1290641064-2046472209-501 - Limited - Disabled)
Petr (S-1-5-21-760769228-1290641064-2046472209-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-760769228-1290641064-2046472209-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Internet Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Internet Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Aktualizace NVIDIA 31.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.1.0 - NVIDIA Corporation) Hidden
Armored Warfare MyCom (HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\Armored Warfare MyCom) (Version: 1.119 - My.com B.V.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Canon LBP2900 (HKLM\...\Canon LBP2900) (Version: - )
CanoScan 4400F (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4803) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.39 - Piriform)
Crossout Launcher 1.0.3.18 (HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\CrossOutLauncher_is1) (Version: - )
Discord (HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\Discord) (Version: 0.0.300 - Discord Inc.)
ESET Security (HKLM\...\{3EB22EED-2263-4174-9F36-09BD15A7AEF8}) (Version: 11.0.159.5 - ESET, spol. s r.o.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Farming Simulator 17 (HKLM-x32\...\FarmingSimulator2017_is1) (Version: 1.0.0.0 - GIANTS Software)
FastShare.cz verze 2.3.1 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.3.1 - )
FormatFactory 4.1.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.1.0.0 - Free Time)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Hellspy Download Klient verze 1.1.0 (HKLM-x32\...\{13E6D19D-4878-43E7-894F-3655CE017038}_is1) (Version: 1.1.0 - Hellspy.cz)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Update Manager (HKLM-x32\...\{89E5F369-612A-4A5E-8BF2-7938C76ABF29}) (Version: 3.0.135 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Intel® Small Business Advantage (HKLM-x32\...\{C7A82877-2365-4A03-B23F-DFDD629B7F3A}) (Version: 4.0.44 - Intel Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.9001.2138 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 58.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 58.0.1 (x64 cs)) (Version: 58.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 58.0.1.6602 - Mozilla)
My.com Game Center (HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\MyComGames) (Version: 3.199 - My.com B.V.)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.14 - Black Tree Gaming)
NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 388.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.31 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.31 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9001.2138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9001.2138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9001.2138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.9001.2138 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.8.17910 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 388.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.31 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8302 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
Total War Arena (HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\TWA.EU.PRODUCTION) (Version: - Wargaming.net)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 22.2 - Ubisoft)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Wargaming.net Game Center (HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\Wargaming.net Game Center) (Version: 17.10.1.7323 - Wargaming.net)
World of Warships EU (HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\WOWS.EU.PRODUCTION) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files 2\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files 2\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-11-14] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files 2\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd)
ContextMenuHandlers6_S-1-5-21-760769228-1290641064-2046472209-1001: [InventorMenu] -> {6FDE7A70-351B-11d6-988B-0010B57A8BB7} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {101DFD78-0438-4687-9734-4AD961ADF113} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {22B8A2AF-45A7-4B78-9622-CA91D83AF950} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-01-03] (AVAST Software)
Task: {2A7ACEBF-D2D4-476B-94E4-E23218383CC8} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-05-29] ()
Task: {37534876-BA39-42DA-B793-DCA219F4C58F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-16] (NVIDIA Corporation)
Task: {5AC75926-7157-4133-991C-B3AEFFFE2AFF} - System32\Tasks\S-1-5-21-760769228-1290641064-2046472209-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-09-29] (Microsoft Corporation)
Task: {5D84A88C-F207-48C2-8D36-E1CE3787C818} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-16] (NVIDIA Corporation)
Task: {6094D31F-AD8C-49A3-B73A-0ABD0CD7A3AD} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-16] (NVIDIA Corporation)
Task: {76DEE191-D987-4876-BAA7-F92D71D56884} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-01-09] (Piriform Ltd)
Task: {88354A10-5545-4DCE-8FEB-9DE1BD79DA07} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-30] (Microsoft Corporation)
Task: {8E1742BA-6EC2-4037-9F9D-9AA879BEAFA7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {8EF078B2-CA30-40DE-B65E-F1A6AC34CB00} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-11-16] (NVIDIA Corporation)
Task: {9F1F7AFA-C2D1-4D3C-B1AA-E6937DEEA179} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-06] (Adobe Systems Incorporated)
Task: {A28ADA54-E685-481D-AC4B-050CC0434077} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-11-16] (NVIDIA Corporation)
Task: {BA80C8F6-EC85-4C80-9C23-476EB6867849} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-16] (NVIDIA Corporation)
Task: {BC245A9A-9B7A-4F32-A5C2-9EE9EFB0C11E} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-11-16] (NVIDIA Corporation)
Task: {C92B6959-53A5-4F4C-A5AA-C7CB5AA70A26} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-09-21] (Intel(R) Corporation)
Task: {CD0E8198-897D-4B61-A346-FF1795A6B4B6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-30] (Microsoft Corporation)
Task: {D466EBB1-35D3-4303-B0A4-B57D79E969FF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-02-06] (Microsoft Corporation)
Task: {D5F81DEC-D3E4-4E29-BBCD-A913AFB25101} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-02-06] (Microsoft Corporation)
Task: {E07D21E2-383A-4DBD-B91C-E7CA884A3B76} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-02-06] (Microsoft Corporation)
Task: {EC9E6C80-71EE-467E-84DD-5B3134E95975} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-05-29] ()
Task: {EE21E92A-455C-487B-8B1E-2B2F964843F6} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-16] (NVIDIA Corporation)
Task: {FCC1C6E7-A9C4-4ED7-9D70-59D89A79B4D8} - System32\Tasks\{D11127E9-21DA-4A49-925C-8AC96A17A784} => C:\Windows\system32\pcalua.exe -a E:\monsetup.exe -d E:\

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-12-23 10:35 - 2017-12-10 15:50 - 000076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-01-07 11:51 - 2017-11-16 02:41 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-09-20 18:42 - 2017-11-14 20:56 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-12-05 19:49 - 2017-11-26 13:23 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-05 19:49 - 2017-11-26 13:01 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-30 14:08 - 2018-01-30 14:08 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-30 14:08 - 2018-01-30 14:08 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-01-30 14:08 - 2018-01-30 14:08 - 025135104 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-01-30 14:08 - 2018-01-30 14:08 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\skypert.dll
2018-01-30 14:08 - 2018-01-30 14:08 - 000667136 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-01-03 14:33 - 2018-01-03 14:33 - 000061920 _____ () C:\Program Files\CCleaner\branding.dll
2018-01-09 15:21 - 2018-01-09 15:21 - 000079056 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-02-03 14:01 - 2018-02-03 14:01 - 002250240 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-02-09 10:07 - 2018-02-09 10:08 - 027138048 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.15711.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-02-09 10:07 - 2018-02-09 10:08 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.15711.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-02-09 10:07 - 2018-02-09 10:08 - 006687744 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.15711.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 14:35 - 2017-09-26 14:35 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.15711.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-12-15 08:08 - 2017-12-15 08:08 - 004307968 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1712.3351.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-12-14 07:12 - 2017-12-14 07:13 - 000477184 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-12-14 07:12 - 2017-12-14 07:13 - 058590720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-05 14:30 - 2017-10-05 14:32 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2017-11-11 14:01 - 2017-11-11 14:04 - 000164864 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\VideoPlugin.dll
2017-10-05 14:30 - 2017-10-05 14:32 - 000675328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\IPPNativePlugin.dll
2017-12-14 07:12 - 2017-12-14 07:13 - 003727360 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-12-14 07:12 - 2017-12-14 07:13 - 002270720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2017-12-14 07:12 - 2017-12-14 07:13 - 016395264 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-12-14 07:12 - 2017-12-14 07:13 - 003579904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-12-14 07:12 - 2017-12-14 07:13 - 003204096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-08-29 06:58 - 2017-08-29 06:58 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-12-14 07:12 - 2017-12-14 07:13 - 000043520 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-12-14 07:12 - 2017-12-14 07:13 - 004038144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.People.PeoplePicker.dll
2017-12-14 07:12 - 2017-12-14 07:13 - 001367040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-12-14 07:12 - 2017-12-14 07:13 - 000214528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\SKU.dll
2015-05-29 00:22 - 2015-05-29 00:22 - 000177288 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
2018-02-09 10:07 - 2018-02-09 10:08 - 025843200 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\Music.UI.exe
2018-02-09 10:07 - 2018-02-09 10:08 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-02-09 10:07 - 2018-02-09 10:08 - 006748672 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-12-01 14:49 - 2017-12-01 14:49 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2017-09-26 14:35 - 2017-09-26 14:35 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-02-09 10:07 - 2018-02-09 10:08 - 005527040 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\Music.Visuals.dll
2017-09-25 13:28 - 2017-09-25 13:28 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-01-07 11:51 - 2017-11-16 02:41 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-01-07 11:51 - 2017-11-16 02:40 - 066906560 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2015-05-29 00:22 - 2015-05-29 00:22 - 000044168 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32api.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000062600 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\pywintypes27.dll
2015-05-29 00:22 - 2015-05-29 00:22 - 000121992 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\pythoncom27.dll
2015-05-29 00:22 - 2015-05-29 00:22 - 000024200 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_multiprocessing.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000031368 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_socket.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000445064 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_ssl.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000288904 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_hashlib.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000019080 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\select.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000046728 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_ctypes.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000028296 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32service.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000025736 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\servicemanager.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000023176 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32pipe.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000044680 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32file.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000021128 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32event.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000372360 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_bsddb.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000026248 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32process.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000023176 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32ts.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000021640 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32profile.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000045704 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32security.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000027784 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32inet.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000024200 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\EnvironmentID.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\.rdata:X [526]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-760769228-1290641064-2046472209-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BED89A64-459F-48F3-96CC-8DCAA1EBC569}] => (Allow) D:\SteamLibrary\steamapps\common\Ultimate General Gettysburg\Bug Reporter.exe
FirewallRules: [{B2DDFB90-A8BA-4B10-BE66-AB0D8C11EDDD}] => (Allow) D:\SteamLibrary\steamapps\common\Ultimate General Gettysburg\Bug Reporter.exe
FirewallRules: [{81981957-63AC-4403-A9DF-E98A497C383F}] => (Allow) D:\SteamLibrary\steamapps\common\Ultimate General Gettysburg\Ultimate General Multiplayer.exe
FirewallRules: [{D2C0B398-C8F4-43EC-B0E3-7D232D15FAE5}] => (Allow) D:\SteamLibrary\steamapps\common\Ultimate General Gettysburg\Ultimate General Multiplayer.exe
FirewallRules: [{57EA29AD-CE60-42E5-B31C-57DB03959CF3}] => (Allow) D:\SteamLibrary\steamapps\common\Ultimate General Gettysburg\Ultimate General Gettysburg.exe
FirewallRules: [{75ECA8A0-3F22-4601-9CCA-A646B579C619}] => (Allow) D:\SteamLibrary\steamapps\common\Ultimate General Gettysburg\Ultimate General Gettysburg.exe
FirewallRules: [{7553F95B-010B-4EAE-88BB-64FD2DF747A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{070F2889-2CEA-45FB-8982-9A1B945977CA}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{A8EA25A7-1883-441E-92AD-CAA124612BA6}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{689D0580-3770-43B5-B32A-714580A4A48A}] => (Allow) D:\SteamLibrary\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe
FirewallRules: [{8FAA2C3C-1A80-4470-A7AA-EF00F7EF5F83}] => (Allow) D:\SteamLibrary\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe
FirewallRules: [{2224B2F2-D468-48D2-A566-441EBCF43623}] => (Allow) D:\SteamLibrary\steamapps\common\Men of War Assault Squad 2\mowas_2.exe
FirewallRules: [{D3BC3F78-24EA-41F9-829F-089DF56A3133}] => (Allow) D:\SteamLibrary\steamapps\common\Men of War Assault Squad 2\mowas_2.exe
FirewallRules: [{D104AD72-C7CD-49B0-8888-9B0FB52E24C1}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{1A4386A7-BD9C-47A4-8630-2F51FAA3CFD5}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{692ACD52-03C4-45B5-BE75-386A24B3D6C3}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{DD3486CC-8F90-4239-AC90-A8AB7B8D9B6F}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{38F38AF9-C784-4B6F-8D6D-256F63D8F6A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CC1F3112-25F1-4C38-8314-B4A5BDDB4C10}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2B783C8A-8E76-4162-A818-F5B9A25B9651}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B20DEB53-5EFB-43B8-A447-1181E9933130}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D710625B-AA23-4382-B683-C7F761B39430}] => (Allow) D:\SteamLibrary\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{8D54D0AC-C4AF-4A86-A5D2-F0AEF933D9D9}] => (Allow) D:\SteamLibrary\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{452EE642-AB2F-4C23-8A4D-4FFED7CE39B1}] => (Allow) D:\SteamLibrary\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{EDC62BEF-DBC5-4F60-B06B-BB1DFD9F7587}] => (Allow) D:\SteamLibrary\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{069760DA-F9C5-4216-A871-650ABCAD652D}] => (Allow) D:\SteamLibrary\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{E1AA505D-0C4F-4256-92EA-662E5BA4EA47}] => (Allow) D:\SteamLibrary\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{EA92DF91-855E-42A9-8CFF-4D9B478CBB23}] => (Allow) D:\SteamLibrary\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{994001A7-BB4A-41B7-A050-40EA1AAA7A46}] => (Allow) D:\SteamLibrary\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{4A6E9CE1-D23C-4A66-8C29-3F69ADB7395F}] => (Allow) D:\Games\Armored Warfare MyCom\bin64\armoredwarfare.exe
FirewallRules: [{5CA6D3AB-B463-45F8-9B66-7AB5615487F9}] => (Allow) D:\Games\Armored Warfare MyCom\bin64\armoredwarfare.exe
FirewallRules: [{0D6C5DD9-F921-4849-9CDC-AAE7FBFFA082}] => (Allow) C:\Users\Petr\AppData\Local\MyComGames\MyComGames.exe
FirewallRules: [{3B090D32-3EA4-47DD-BDA1-9A2E22F2580D}] => (Allow) C:\Users\Petr\AppData\Local\MyComGames\MyComGames.exe
FirewallRules: [{7D6E6852-4DE3-4664-BBE8-542F006AFBCD}] => (Allow) D:\SteamLibrary\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{4DC711F8-2B78-48DD-A0C9-EA4CD91B6D42}] => (Allow) D:\SteamLibrary\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{8D155E35-61F5-4037-A026-CE7E862C1F91}] => (Allow) D:\Program Files 2\FormatFactory\FormatFactory.exe
FirewallRules: [{AAF07231-DBB2-4987-9416-A0838E98AE6F}] => (Allow) D:\Program Files 2\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{EC08D62B-A03F-4875-947D-171435A9F98E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4F276352-9ECD-4AD4-9C51-81CAFCE354A6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5BDB3884-207F-4374-A0D7-58A9E236501D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B3EC1ECF-87AA-466D-A91F-6032817149EC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{02F83C76-F5D3-4EA3-A49E-C1EEA769C90B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CAD338C5-4816-418B-AAD2-ADECDAC5F098}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{BB0361B7-4722-4694-AAB0-B8BA3A6AE42D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A86C4249-E6C7-4B13-B595-1B4E7B6ACD17}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{025444CC-31FA-46E1-96EC-96D1F546642B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{860286C2-A361-4040-8162-2EBCFCF8CB9C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{351554C2-BCED-4161-99BB-AE445266A5DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{700C6251-9880-4F68-B23A-10E2DC516593}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A6129D68-2C5B-43AF-B27E-BB89DEDCE789}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EEFAF390-013D-4A2C-AF33-AF9FF3CEB987}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{ABD36C8D-7364-41BC-9CC9-D2EE56D111C0}] => (Allow) D:\Program Files 2\FormatFactory\FormatFactory.exe
FirewallRules: [{8B127BF7-0C53-4401-B457-7F34FC669446}] => (Allow) D:\Program Files 2\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{D4CFA4AD-9EF3-4CF5-A4E6-A5E9D61DA38D}] => (Allow) D:\Program Files 2\FormatFactory\FormatFactory.exe
FirewallRules: [{C5304FBA-9580-43B3-A894-953518AAC19F}] => (Allow) D:\Program Files 2\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{9BE5AE4C-21A3-4733-B5B5-CAECE09AE139}] => (Allow) D:\Program Files 2\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [{60A9E689-3277-45CF-9E9B-757D735DA4F1}] => (Allow) D:\Games\Farming Simulator 2017\FarmingSimulator2017.exe
FirewallRules: [{306EBDD8-8CFA-45DA-9553-A8DADB5520E0}] => (Allow) D:\Games\Farming Simulator 2017\FarmingSimulator2017.exe
FirewallRules: [{2CFF49D1-EB38-4614-ADF9-276C5924BF7A}] => (Allow) D:\Games\Farming Simulator 2017\x86\FarmingSimulator2017Game.exe
FirewallRules: [{AE60A80F-38B5-450E-879A-FEA0F5069009}] => (Allow) D:\Games\Farming Simulator 2017\x86\FarmingSimulator2017Game.exe
FirewallRules: [{1C2D7D65-1770-4E93-A0DC-AF95937DB892}] => (Allow) D:\Games\Farming Simulator 2017\x64\FarmingSimulator2017Game.exe
FirewallRules: [{89CFE581-2D64-498E-BD86-2068CD1EF817}] => (Allow) D:\Games\Farming Simulator 2017\x64\FarmingSimulator2017Game.exe
FirewallRules: [{0BAC8CF0-56B4-487E-891D-B3C699083D18}] => (Allow) C:\Users\Petr\AppData\Local\MyComGames\MyComGames.exe
FirewallRules: [{45462907-93FA-4AB1-941A-ACE661CA2626}] => (Allow) C:\Users\Petr\AppData\Local\MyComGames\MyComGames.exe
FirewallRules: [{45708D2D-E281-445B-B13D-5A17701F1E3E}] => (Allow) LPort=61277
FirewallRules: [{818C1962-4982-45B2-A1DB-E32BCF70BBF1}] => (Allow) LPort=5000
FirewallRules: [{FBEE722F-0677-46E8-9CB3-C79A80FBF075}] => (Allow) D:\SteamLibrary\steamapps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{DD7F1A04-4E08-45AC-8A18-C8C6B115CD44}] => (Allow) D:\SteamLibrary\steamapps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{22429FE5-B1DB-4D50-A0B4-C91AEFB199F4}] => (Allow) D:\SteamLibrary\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe
FirewallRules: [{1040849A-09C5-40DC-8AAC-906917F3F648}] => (Allow) D:\SteamLibrary\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe
FirewallRules: [{86B8C916-13A6-4213-9278-7CD6353D7FA8}] => (Allow) D:\SteamLibrary\steamapps\common\dayofinfamy\dayofinfamy_BE.exe
FirewallRules: [{E4C09121-A73F-468F-B618-481071DE4C48}] => (Allow) D:\SteamLibrary\steamapps\common\dayofinfamy\dayofinfamy_BE.exe
FirewallRules: [{73223192-DD89-4041-8450-15FFAAFAFA02}] => (Allow) D:\Program Files 2\FormatFactory\FormatFactory.exe
FirewallRules: [{331696D0-417D-4050-BE10-3C5A63AD7E75}] => (Allow) D:\Program Files 2\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{65437E05-7A4F-45B6-AAC0-05DE0A1D56A3}] => (Allow) D:\Program Files 2\FormatFactory\FormatFactory.exe
FirewallRules: [{8A4ED4DD-2D23-4FFF-A7D6-25C017D23279}] => (Allow) D:\Program Files 2\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{C5488539-A6A3-49F3-B8E6-1767B09885C7}] => (Allow) D:\SteamLibrary\steamapps\common\Rising Storm 2\Binaries\Win64\RisingStorm2.exe
FirewallRules: [{87C7A02A-8A6B-44AC-9924-D6CE28461553}] => (Allow) D:\SteamLibrary\steamapps\common\Rising Storm 2\Binaries\Win64\RisingStorm2.exe
FirewallRules: [{AEACEB30-77E7-4872-8100-D42D963E8B7E}] => (Allow) D:\SteamLibrary\steamapps\common\Warhammer 40,000 - Eternal Crusade\EternalCrusadeClient.exe
FirewallRules: [{6FCC2CC8-6334-4F0B-BE3D-AD12AB1734EB}] => (Allow) D:\SteamLibrary\steamapps\common\Warhammer 40,000 - Eternal Crusade\EternalCrusadeClient.exe
FirewallRules: [{180BBAF6-25A0-47BF-9898-8E30C126B1D2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{001F8C36-D0E7-40AA-8563-6BC6A4A9125A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{70AA2FAC-889E-4747-8310-E74DCA2F7EAB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{491B26AA-EA65-4763-B0E3-5471B4E6F28C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6CE81253-F536-47D9-ABEB-A9CD3F71C8E7}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{245126E6-0E5F-407C-920B-A0931815AF44}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{5BA255F3-D65D-4CD3-B895-1B07E5AB8203}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{B068D09B-C354-479D-9C10-20A21E3F848C}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{FF2861EE-98F1-48F7-AC2D-6A40B27FEC73}] => (Allow) D:\SteamLibrary\steamapps\common\Empire Total War\Empire.exe
FirewallRules: [{77CDBE2D-7CD6-4498-953E-D439261AFC0A}] => (Allow) D:\SteamLibrary\steamapps\common\Empire Total War\Empire.exe
FirewallRules: [{22102ABD-0FCE-45C6-8C17-9EC4CCEF4974}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{64DFC0EF-D6EB-45C9-AB3B-882BBD8D6A44}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{0499C4B7-32F3-45B0-ABB8-B5848D697355}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{61FF2AAE-EE4F-49EF-85BF-A883275FD491}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{AC4C8669-3F8F-4D66-AF46-4C7F9D9F2AC4}] => (Allow) D:\SteamLibrary\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{33D17C39-35AD-4530-A70C-572838CD6ADA}] => (Allow) D:\SteamLibrary\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{D08B1DD4-4BC2-4F0D-BB20-86C13673140D}] => (Allow) D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe
FirewallRules: [{01E9D9E3-1A12-4F54-A617-76A0AF4692AB}] => (Allow) D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe
FirewallRules: [{E8B71822-F6DB-4205-949E-B3E2A09008D6}] => (Allow) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\Sba.exe
FirewallRules: [{09486520-A797-4C36-8A23-8E5FE08E34DD}] => (Allow) D:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{F403D2A0-7E32-4AFE-B329-7CC13C26D6D3}] => (Allow) D:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{04D9E734-AC5C-43C1-9BAF-358301DD801A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{F632B7FD-8343-4920-8E36-6F3E160955A0}] => (Allow) D:\SteamLibrary\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{0B3B84CB-ECD9-4F44-BBE7-59E40AE38725}] => (Allow) D:\SteamLibrary\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe

==================== Restore Points =========================

24-01-2018 07:51:11 Pred instalaci ovladacu
31-01-2018 19:46:59 Naplánovaný kontrolní bod
07-02-2018 11:54:25 Installed ESET Security

==================== Faulty Device Manager Devices =============

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/08/2018 09:00:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Warhammer2.exe verze 1.3.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: efc

Čas spuštění: 01d3a1173e469913

Čas ukončení: 2

Cesta k aplikaci: D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\Warhammer2.exe

ID hlášení: a64a02cf-615b-4993-bc14-e5c96fa41780

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (02/08/2018 08:39:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Warhammer2.exe, verze: 1.3.0.0, časové razítko: 0x5a6543e1
Název chybujícího modulu: Warhammer2.exe, verze: 1.3.0.0, časové razítko: 0x5a6543e1
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000171fdb2
ID chybujícího procesu: 0x1e54
Čas spuštění chybující aplikace: 0x01d3a1147cdaaf86
Cesta k chybující aplikaci: D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\Warhammer2.exe
Cesta k chybujícímu modulu: D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\Warhammer2.exe
ID zprávy: eaf53e22-066b-4758-b87f-1875bd372e9a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/08/2018 08:34:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Warhammer2.exe, verze: 1.3.0.0, časové razítko: 0x5a6543e1
Název chybujícího modulu: Warhammer2.exe, verze: 1.3.0.0, časové razítko: 0x5a6543e1
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000001758ecc
ID chybujícího procesu: 0x1044
Čas spuštění chybující aplikace: 0x01d3a113c1df1a70
Cesta k chybující aplikaci: D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\Warhammer2.exe
Cesta k chybujícímu modulu: D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\Warhammer2.exe
ID zprávy: 64465643-d30d-495b-93e5-0d67f728c2fa
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/08/2018 08:18:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Warhammer2.exe, verze: 1.3.0.0, časové razítko: 0x5a6543e1
Název chybujícího modulu: Warhammer2.exe, verze: 1.3.0.0, časové razítko: 0x5a6543e1
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000f69ad0
ID chybujícího procesu: 0x1ac8
Čas spuštění chybující aplikace: 0x01d3a11173122eff
Cesta k chybující aplikaci: D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\Warhammer2.exe
Cesta k chybujícímu modulu: D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\Warhammer2.exe
ID zprávy: 450aa5f1-b366-4ef1-b661-1b2d50bb3991
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/08/2018 08:02:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Warhammer2.exe, verze: 1.3.0.0, časové razítko: 0x5a6543e1
Název chybujícího modulu: Warhammer2.exe, verze: 1.3.0.0, časové razítko: 0x5a6543e1
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000171fdb2
ID chybujícího procesu: 0x2368
Čas spuštění chybující aplikace: 0x01d3a10f4c7647fe
Cesta k chybující aplikaci: D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\Warhammer2.exe
Cesta k chybujícímu modulu: D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\Warhammer2.exe
ID zprávy: ca8ccddd-b303-45aa-9924-fe6e95e86552
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/08/2018 07:41:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: rogame.exe, verze: 0.0.0.0, časové razítko: 0x561eae04
Název chybujícího modulu: rogame.exe, verze: 0.0.0.0, časové razítko: 0x561eae04
Kód výjimky: 0xc0000005
Posun chyby: 0x0094f6c8
ID chybujícího procesu: 0x2a80
Čas spuštění chybující aplikace: 0x01d3a0fe3480516d
Cesta k chybující aplikaci: D:\SteamLibrary\steamapps\common\Red Orchestra 2\binaries\win32\rogame.exe
Cesta k chybujícímu modulu: D:\SteamLibrary\steamapps\common\Red Orchestra 2\binaries\win32\rogame.exe
ID zprávy: 0f287d81-da58-49cf-b216-5c5ce74905ba
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/08/2018 02:52:57 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (02/08/2018 11:21:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_stisvc, verze: 10.0.16299.15, časové razítko: 0x9c786b9a
Název chybujícího modulu: ntdll.dll, verze: 10.0.16299.192, časové razítko: 0x6dead514
Kód výjimky: 0xc0000008
Posun chyby: 0x00000000000a3c1a
ID chybujícího procesu: 0xd6c
Čas spuštění chybující aplikace: 0x01d3a0c6857bad00
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: e6efaf02-68d4-409d-9571-80636e07c556
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/07/2018 08:11:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Warhammer2.exe, verze: 1.3.0.0, časové razítko: 0x5a6543e1
Název chybujícího modulu: Warhammer2.exe, verze: 1.3.0.0, časové razítko: 0x5a6543e1
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000f69ad0
ID chybujícího procesu: 0x29b8
Čas spuštění chybující aplikace: 0x01d3a0474a719f16
Cesta k chybující aplikaci: D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\Warhammer2.exe
Cesta k chybujícímu modulu: D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\Warhammer2.exe
ID zprávy: 8759eaef-cac3-4ecc-8e7c-381bb78ece59
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/07/2018 06:14:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Warhammer2.exe, verze: 1.3.0.0, časové razítko: 0x5a6543e1
Název chybujícího modulu: Warhammer2.exe, verze: 1.3.0.0, časové razítko: 0x5a6543e1
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000171fdb2
ID chybujícího procesu: 0x8cc
Čas spuštění chybující aplikace: 0x01d3a037169c5df6
Cesta k chybující aplikaci: D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\Warhammer2.exe
Cesta k chybujícímu modulu: D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\Warhammer2.exe
ID zprávy: 1f9c6b0d-6e32-4230-82b4-d325b8502b98
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (02/09/2018 10:04:40 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/09/2018 10:04:40 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/09/2018 10:04:40 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/09/2018 10:04:40 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/08/2018 02:56:35 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-HT5L342)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-HT5L342\Petr (SID: S-1-5-21-760769228-1290641064-2046472209-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/08/2018 02:50:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/08/2018 02:50:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/08/2018 02:50:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/08/2018 02:50:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/08/2018 11:21:12 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Načítání obrázků (WIA) byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================
Date: 2018-01-19 13:23:11.104
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-01-19 13:23:10.557
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-01-19 13:23:10.218
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-01-19 13:23:10.161
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-01-19 13:23:10.084
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-01-19 13:22:54.013
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-01-19 13:22:53.949
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-01-19 13:22:46.481
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-01-19 13:22:46.411
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-01-15 18:06:35.975
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 18%
Total physical RAM: 16346.74 MB
Available physical RAM: 13394.45 MB
Total Virtual: 18778.74 MB
Available Virtual: 15546.76 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.08 GB) (Free:132.68 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:366.68 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 079F937A)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 079F9369)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Request for a preventive PC check - RSIT log attached

#7 Post by Conder »

Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    Folder: C:\ProgramData\.rdata
    
    HKU\S-1-5-21-760769228-1290641064-2046472209-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hal3000.cz/
    HKU\S-1-5-21-760769228-1290641064-2046472209-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hal3000.cz
    FF NewTab: Mozilla\Firefox\Profiles\e3w6mfl0.default -> hxxps://www.amazon.com/gp/bit/amazonserp/ref=bit_bds-p17_serp_ff_us_display?ie=UTF8&tagbase=bds-p17&tbrId=v1_abb-channel-17_ed5fe47d_1201_1403_20170120_CZ_ff_nt_
    R3 cpuz143; C:\Users\Petr\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [48952 2018-02-08] (CPUID) <==== ATTENTION
    
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
    CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
    ContextMenuHandlers6_S-1-5-21-760769228-1290641064-2046472209-1001: [InventorMenu] -> {6FDE7A70-351B-11d6-988B-0010B57A8BB7} =>  -> No File
    Task: {101DFD78-0438-4687-9734-4AD961ADF113} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: {FCC1C6E7-A9C4-4ED7-9D70-59D89A79B4D8} - System32\Tasks\{D11127E9-21DA-4A49-925C-8AC96A17A784} => C:\Windows\system32\pcalua.exe -a E:\monsetup.exe -d E:\
    AlternateDataStreams: C:\ProgramData\.rdata:X [526]
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask for a PC restart; confirm by clicking OK
  • After the PC restarts there will be a file Fixlog.txt on the desktop; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping backups of important data (documents, photos and others).

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

Pitrisek
Model visitor
Posts: 149
Registered: 17 Mar 2006 11:56

Re: Please do a preventive check of my PC - RSIT log attached

#8 Post by Pitrisek »

So I did everything as you wrote. After starting FRST and running the Fix, Fixlog.txt was created immediately and this message also popped up:
Autolt Error
line19394 (File "C:\Users\Petr\Desktop\FRST.exe")
Error: Variable used without being declared
OK (The program kept cleaning for a long time, so I confirmed OK; FRST closed, but it did not restart the PC.)
I am attaching Fixlog.txt:

Fix result of Farbar Recovery Scan Tool (x64) Version: 08.02.2018
Ran by Petr (10-02-2018 09:39:58) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: defaultuser0 & Petr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

Folder: C:\ProgramData\.rdata

HKU\S-1-5-21-760769228-1290641064-2046472209-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hal3000.cz/
HKU\S-1-5-21-760769228-1290641064-2046472209-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hal3000.cz
FF NewTab: Mozilla\Firefox\Profiles\e3w6mfl0.default -> hxxps://www.amazon.com/gp/bit/amazonserp/ref=bi ... 0_CZ_ff_nt_
R3 cpuz143; C:\Users\Petr\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [48952 2018-02-08] (CPUID) <==== ATTENTION

CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-760769228-1290641064-2046472209-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
ContextMenuHandlers6_S-1-5-21-760769228-1290641064-2046472209-1001: [InventorMenu] -> {6FDE7A70-351B-11d6-988B-0010B57A8BB7} => -> No File
Task: {101DFD78-0438-4687-9734-4AD961ADF113} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {FCC1C6E7-A9C4-4ED7-9D70-59D89A79B4D8} - System32\Tasks\{D11127E9-21DA-4A49-925C-8AC96A17A784} => C:\Windows\system32\pcalua.exe -a E:\monsetup.exe -d E:\
AlternateDataStreams: C:\ProgramData\.rdata:X [526]

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= Folder: C:\ProgramData\.rdata ========================

C:\ProgramData\.rdata => File

====== End of Folder: ======

HKU\S-1-5-21-760769228-1290641064-2046472209-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-760769228-1290641064-2046472209-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"Firefox newtab" => removed successfully
cpuz143 => Unable to stop service.
"HKLM\System\CurrentControlSet\Services\cpuz143" => removed successfully
cpuz143 => service removed successfully

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Request for a preventive PC check - RSIT log attached

#9 Post by Conder »

:arrow: This looks like a bug in FRST. Run FRST again and let it update (at the time of this post the latest version is 10.2.2018 01).

:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    File: C:\ProgramData\.rdata
    
    ContextMenuHandlers6_S-1-5-21-760769228-1290641064-2046472209-1001: [InventorMenu] -> {6FDE7A70-351B-11d6-988B-0010B57A8BB7} =>  -> No File
    Task: {101DFD78-0438-4687-9734-4AD961ADF113} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: {FCC1C6E7-A9C4-4ED7-9D70-59D89A79B4D8} - System32\Tasks\{D11127E9-21DA-4A49-925C-8AC96A17A784} => C:\Windows\system32\pcalua.exe -a E:\monsetup.exe -d E:\
    AlternateDataStreams: C:\ProgramData\.rdata:X [526]
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts there will be a file Fixlog.txt on the desktop; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise you risk system damage or data loss.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

Pitrisek
Exemplary visitor
Posts: 149
Registered: 17 Mar 2006 11:56

Re: Request for a preventive PC check - RSIT log attached

#10 Post by Pitrisek »

Did I understand correctly that I should just run FRST and the program updates itself...
Otherwise, the same thing happened to me during the fix:
line19494 (File "C:\Users\Petr\Desktop\FRST.exe")
Error: Variable used without being declared
OK (The program kept cleaning for a long time, so I confirmed OK; FRST closed, but it did not restart the PC.)

I am attaching Fixlog.txt:

Fix result of Farbar Recovery Scan Tool (x64) Version: 10.02.2018 01
Ran by Petr (10-02-2018 15:53:19) Run:2
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: defaultuser0 & Petr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

File: C:\ProgramData\.rdata

ContextMenuHandlers6_S-1-5-21-760769228-1290641064-2046472209-1001: [InventorMenu] -> {6FDE7A70-351B-11d6-988B-0010B57A8BB7} => -> No File
Task: {101DFD78-0438-4687-9734-4AD961ADF113} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {FCC1C6E7-A9C4-4ED7-9D70-59D89A79B4D8} - System32\Tasks\{D11127E9-21DA-4A49-925C-8AC96A17A784} => C:\Windows\system32\pcalua.exe -a E:\monsetup.exe -d E:\
AlternateDataStreams: C:\ProgramData\.rdata:X [526]

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= File: C:\ProgramData\.rdata ========================

C:\ProgramData\.rdata
File is digitally signed
MD5: D41D8CD98F00B204E9800998ECF8427E (0-byte)
Creation and modification date: 2017-12-10 16:01 - 2017-12-10 16:01
Size: 000000000
Attributes: --ASH
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0-byte

====== End of File: ======

Pitrisek
Exemplary visitor
Posts: 149
Registered: 17 Mar 2006 11:56

Re: Request for a preventive PC check - RSIT log attached

#11 Post by Pitrisek »

A new folder has also appeared on my desktop: FRST-OlderVersion

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Request for a preventive PC check - RSIT log attached

#12 Post by Conder »

:arrow: The FRST-OlderVersion folder was created by FRST during the update; you can safely delete it. Use this fixlist, it should now work without problems.

:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    
    Task: {101DFD78-0438-4687-9734-4AD961ADF113} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: {FCC1C6E7-A9C4-4ED7-9D70-59D89A79B4D8} - System32\Tasks\{D11127E9-21DA-4A49-925C-8AC96A17A784} => C:\Windows\system32\pcalua.exe -a E:\monsetup.exe -d E:\
    AlternateDataStreams: C:\ProgramData\.rdata:X [526]
    C:\ProgramData\.rdata
    
    DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\InventorMenu
    DeleteKey: HKLM\Software\Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}
    DeleteKey: HKEY_USERS\S-1-5-21-760769228-1290641064-2046472209-1001\Software\Classes\Folder\ShellEx\ContextMenuHandlers\InventorMenu
    DeleteKey: HKEY_USERS\S-1-5-21-760769228-1290641064-2046472209-1001\Software\Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts there will be a file Fixlog.txt on the desktop; copy its contents here

Pitrisek
Exemplary visitor
Posts: 149
Registered: 17 Mar 2006 11:56

Re: Request for a preventive PC check - RSIT log attached

#13 Post by Pitrisek »

So I ran the Fix the first time, but there was no restart and no Fixlog; a window just popped up at me, and unfortunately it disappeared before I could read it. So I ran FRST again, clicked Fix, it ran, then came a forced restart and the creation of the Fixlog, which I am attaching (should I delete the other fixlists and Fixlogs...?):

Fix result of Farbar Recovery Scan Tool (x64) Version: 10.02.2018 02
Ran by Petr (10-02-2018 18:00:43) Run:3
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: defaultuser0 & Petr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:

Task: {101DFD78-0438-4687-9734-4AD961ADF113} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {FCC1C6E7-A9C4-4ED7-9D70-59D89A79B4D8} - System32\Tasks\{D11127E9-21DA-4A49-925C-8AC96A17A784} => C:\Windows\system32\pcalua.exe -a E:\monsetup.exe -d E:\
AlternateDataStreams: C:\ProgramData\.rdata:X [526]
C:\ProgramData\.rdata

DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\InventorMenu
DeleteKey: HKLM\Software\Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}
DeleteKey: HKEY_USERS\S-1-5-21-760769228-1290641064-2046472209-1001\Software\Classes\Folder\ShellEx\ContextMenuHandlers\InventorMenu
DeleteKey: HKEY_USERS\S-1-5-21-760769228-1290641064-2046472209-1001\Software\Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{101DFD78-0438-4687-9734-4AD961ADF113} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{101DFD78-0438-4687-9734-4AD961ADF113} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove key. ErrorCode1: 0x00000001
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FCC1C6E7-A9C4-4ED7-9D70-59D89A79B4D8} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCC1C6E7-A9C4-4ED7-9D70-59D89A79B4D8} => could not remove key. ErrorCode1: 0x00000002
C:\WINDOWS\System32\Tasks\{D11127E9-21DA-4A49-925C-8AC96A17A784} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D11127E9-21DA-4A49-925C-8AC96A17A784} => could not remove key. ErrorCode1: 0x00000002
C:\ProgramData\.rdata => ":X" ADS removed successfully
C:\ProgramData\.rdata => moved successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\InventorMenu => key not found
HKLM\Software\Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7} => key not found
"HKEY_USERS\S-1-5-21-760769228-1290641064-2046472209-1001\Software\Classes\Folder\ShellEx\ContextMenuHandlers\InventorMenu" => removed successfully
HKEY_USERS\S-1-5-21-760769228-1290641064-2046472209-1001\Software\Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7} => key not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 72458442 B
Java, Flash, Steam htmlcache => 413505338 B
Windows/system/drivers => 711260 B
Edge => 0 B
Chrome => 0 B
Firefox => 31155551 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 124814 B
NetworkService => 0 B
defaultuser0 => 8452 B
Petr => 157783963 B

RecycleBin => 106 B
EmptyTemp: => 652 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:00:52 ====
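
A triage sketch for the Fixlog above, added here as an example (it is not part of the posts and not FRST code): it skips the echoed fixlist, groups the result lines by outcome so the items FRST could not act on stand out, and cross-checks the EmptyTemp byte counts against the reported total. The status names and the reading of "MB" as 2^20 bytes are assumptions; the sample is an excerpt of the log above with zero-byte and some registry lines omitted.

```python
import re
from collections import defaultdict

# Excerpt of the Fixlog from post #13 (shortened; the kept lines are unchanged).
FIXLOG = r"""fixlist content:
*****************
Start
CloseProcesses:

Task: {FCC1C6E7-A9C4-4ED7-9D70-59D89A79B4D8} - System32\Tasks\{D11127E9-21DA-4A49-925C-8AC96A17A784} => C:\Windows\system32\pcalua.exe -a E:\monsetup.exe -d E:\
AlternateDataStreams: C:\ProgramData\.rdata:X [526]
C:\ProgramData\.rdata

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCC1C6E7-A9C4-4ED7-9D70-59D89A79B4D8} => could not remove key. ErrorCode1: 0x00000002
C:\WINDOWS\System32\Tasks\{D11127E9-21DA-4A49-925C-8AC96A17A784} => moved successfully
C:\ProgramData\.rdata => ":X" ADS removed successfully
C:\ProgramData\.rdata => moved successfully
HKLM\Software\Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7} => key not found
"HKEY_USERS\S-1-5-21-760769228-1290641064-2046472209-1001\Software\Classes\Folder\ShellEx\ContextMenuHandlers\InventorMenu" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 72458442 B
Java, Flash, Steam htmlcache => 413505338 B
Windows/system/drivers => 711260 B
Firefox => 31155551 B
LocalService => 124814 B
defaultuser0 => 8452 B
Petr => 157783963 B

RecycleBin => 106 B
EmptyTemp: => 652 MB temporary data Removed.
"""

# Status names are this example's own labels (assumption), matched on the
# wording FRST prints after "=>". The first matching rule wins.
RULES = [
    ("failed", re.compile(r"could not remove|Unable to")),
    ("not_found", re.compile(r"not found")),
    ("removed", re.compile(r"removed successfully")),
    ("moved", re.compile(r"moved successfully")),
    ("restored", re.compile(r"restored successfully")),
]


def result_lines(text):
    """Yield 'target => result' lines, skipping the fixlist echoed between the '*****' rows."""
    in_echo = False
    for line in text.splitlines():
        if re.fullmatch(r"\*{5,}", line.strip()):
            in_echo = not in_echo
            continue
        if not in_echo and " => " in line:
            yield line.strip()


def parse_fixlog(text):
    """Return (outcomes by status, summed EmptyTemp bytes, reported MB or None)."""
    outcomes = defaultdict(list)
    freed_bytes = 0
    reported_mb = None
    for line in result_lines(text):
        # Split on the last "=>" so a target that itself contains "=>" stays whole.
        target, result = line.rsplit(" => ", 1)
        target = target.strip('"')
        size = re.fullmatch(r"(\d+) B", result)
        if size:
            freed_bytes += int(size.group(1))
            continue
        total = re.match(r"(\d+) MB temporary data", result)
        if total:
            reported_mb = int(total.group(1))
            continue
        status = next((name for name, rx in RULES if rx.search(result)), "other")
        outcomes[status].append((target, result))
    return dict(outcomes), freed_bytes, reported_mb


def needs_review(outcomes):
    """Targets FRST reported it could not act on."""
    return [target for target, _ in outcomes.get("failed", [])]


if __name__ == "__main__":
    outcomes, freed_bytes, reported_mb = parse_fixlog(FIXLOG)
    for status, items in sorted(outcomes.items()):
        print(f"{status}: {len(items)}")
    for target in needs_review(outcomes):
        print("review:", target)
    print(f"EmptyTemp: {freed_bytes} B ~ {freed_bytes / 2**20:.0f} MB, log reports {reported_mb} MB")
```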

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Request for a preventive PC check - RSIT log attached

#14 Post by Conder »

:arrow: Yes, you can delete that.

:arrow: Please post new logs from FRST.

:arrow: Check the size of the desktop (C:\Users\Petr\Desktop). If it is larger than 300 MB, move all files and folders to Documents and leave only links/shortcuts on the desktop. A desktop that is too large can slow the system down.

:arrow: Are there any other problems with the PC?

Pitrisek
Exemplary visitor
Posts: 149
Registered: 17 Mar 2006 11:56

Re: Request for a preventive PC check - RSIT log attached

#15 Post by Pitrisek »

I am sending the logs from FRST (FRST.txt):

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.02.2018 02
Ran by Petr (administrator) on DESKTOP-HT5L342 (10-02-2018 18:41:42)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: defaultuser0 & Petr)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\SbaService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(CANON INC.) C:\Windows\System32\CNAB4RPD.EXE
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Akamai Technologies, Inc.) C:\Users\Petr\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Petr\AppData\Local\Akamai\netsession_win.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\ui\updateui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmds.exe [324352 2017-12-18] (ESET)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2018-01-24] (Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\Run: [Gaijin.Net Agent] => C:\Users\Petr\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2116168 2018-01-25] (Gaijin Entertainment)
HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Petr\AppData\Local\Akamai\netsession_win.exe [4490200 2017-09-08] (Akamai Technologies, Inc.)
HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10257872 2018-01-09] (Piriform Ltd)
HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\Run: [Speccy] => C:\Program Files\Speccy\Speccy64.exe [6955224 2017-06-27] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP2900 Status Window.lnk [2017-05-09]
ShortcutTarget: Canon LBP2900 Status Window.lnk -> C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE (CANON INC.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{be41ca76-b279-4b62-80e4-4db2b8a78738}: [DhcpNameServer] 10.0.0.1

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-02-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-24] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-24] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: e3w6mfl0.default
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\e3w6mfl0.default [2018-02-10]
FF Homepage: Mozilla\Firefox\Profiles\e3w6mfl0.default -> hxxps://www.seznam.cz.
FF Extension: (Amazon Assistant for Firefox) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\e3w6mfl0.default\Extensions\abb@amazon.com.xpi [2017-11-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-06] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-06] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-20] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-11-14] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\Program Files 2\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-760769228-1290641064-2046472209-1001: @my.com/Games -> C:\Users\Petr\AppData\Local\MyComGames\NPMyComDetector.dll [2017-04-11] (MY.COM B.V.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6979080 2017-12-14] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7968432 2018-01-30] (Microsoft Corporation)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [383016 2017-12-08] (EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1940584 2017-12-18] (ESET)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-09-21] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-09-21] (Intel(R) Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177288 2015-05-29] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [197264 2017-09-25] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2155328 2017-12-19] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3025224 2017-12-19] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2017-08-24] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2017-12-10] ()
R2 SbaService; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\SbaService.exe [26296 2015-10-14] (Intel Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [134368 2018-01-19] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107328 2018-01-19] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15392 2017-10-21] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180088 2018-01-19] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50744 2018-01-19] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81880 2018-01-19] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [106304 2018-01-19] (ESET)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [89912 2016-08-29] (Intel Corporation)
S3 Ke2200; C:\WINDOWS\System32\drivers\e22w8x64.sys [157752 2015-09-03] (Qualcomm Atheros, Inc.)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-01-03] (Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c791f781cd94491f\nvlddmkm.sys [16989296 2017-11-15] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-11-16] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-10 18:41 - 2018-02-10 18:41 - 000013995 _____ C:\Users\Petr\Desktop\FRST.txt
2018-02-09 11:27 - 2018-02-10 18:41 - 000000000 ____D C:\FRST
2018-02-09 11:06 - 2018-02-10 17:58 - 002404864 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2018-02-08 11:17 - 2018-02-08 11:20 - 000000000 ____D C:\AdwCleaner
2018-02-08 11:14 - 2018-02-08 11:14 - 008206624 _____ (Malwarebytes) C:\Users\Petr\Desktop\adwcleaner_7.0.7.0.exe
2018-02-07 15:30 - 2018-02-07 15:30 - 000000000 ____D C:\rsit
2018-02-07 15:30 - 2018-02-07 15:30 - 000000000 ____D C:\Program Files\trend micro
2018-02-07 15:29 - 2018-02-07 15:20 - 001222144 _____ C:\Users\Petr\Desktop\RSITx64.exe
2018-02-07 11:55 - 2018-02-07 11:55 - 000002070 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2018-02-07 11:55 - 2018-02-07 11:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-02-07 11:55 - 2018-02-07 11:55 - 000000000 ____D C:\ProgramData\ESET
2018-02-07 11:55 - 2018-02-07 11:55 - 000000000 ____D C:\Program Files\ESET
2018-02-06 15:20 - 2018-02-06 15:20 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-01-28 18:34 - 2018-01-28 18:34 - 000000000 ____D C:\Users\Petr\Desktop\Prace
2018-01-28 00:21 - 2018-01-28 00:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2018-01-28 00:21 - 2018-01-28 00:21 - 000000000 ____D C:\Program Files\Nexus Mod Manager
2018-01-26 14:20 - 2018-01-26 14:20 - 000000000 ____D C:\Program Files (x86)\Origin Games
2018-01-24 16:54 - 2018-02-07 17:02 - 000000000 ____D C:\Users\Petr\AppData\Local\sba
2018-01-24 16:54 - 2018-01-24 16:54 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Intel
2018-01-24 16:44 - 2018-01-24 16:44 - 000000000 ____D C:\WINDOWS\system32\DAX3
2018-01-24 16:44 - 2018-01-24 16:44 - 000000000 ____D C:\WINDOWS\system32\DAX2
2018-01-24 16:44 - 2018-01-24 16:44 - 000000000 ____D C:\Program Files\Realtek
2018-01-24 16:43 - 2018-01-24 16:41 - 072520704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2018-01-24 16:43 - 2018-01-24 16:41 - 014964257 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2018-01-24 16:43 - 2018-01-24 16:41 - 007172904 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 006038440 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2018-01-24 16:43 - 2018-01-24 16:41 - 005804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2018-01-24 16:43 - 2018-01-24 16:41 - 003677152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2018-01-24 16:43 - 2018-01-24 16:41 - 003562432 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 003509192 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 003410320 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 003299816 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 003205600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 003135776 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 003121112 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 002922976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 002190976 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 001435136 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 001382232 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 001351232 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 001337632 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 001016928 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000986992 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000965016 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000877424 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000873456 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000868176 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000866632 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000852128 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000737960 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000691672 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000680544 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000604792 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000526280 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000467152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000447712 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000447176 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000416504 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000406448 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000387304 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000381400 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000378376 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000366112 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000360336 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000341144 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000341144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000258856 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000231912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000221960 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000214824 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000209528 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000203832 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000190928 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000190928 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000179592 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000158688 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000151784 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000134192 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000110976 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000090912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000088312 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000084608 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000083616 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000075536 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2018-01-24 16:43 - 2018-01-24 16:41 - 000023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 007096184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 006264632 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 005346984 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 002839488 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 002444680 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 001965808 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 001959592 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 001780608 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 001591056 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 001544248 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 001508928 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 001372384 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 001259720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 001159176 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000743960 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000727432 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000708304 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000504296 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000445392 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000441264 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000362048 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000327448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000310416 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000272712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000253896 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000253856 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000252872 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000154360 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000122312 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000118584 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2018-01-24 16:43 - 2018-01-24 16:40 - 000105304 _____ C:\WINDOWS\system32\audioLibVc.dll
2018-01-24 16:38 - 2018-01-24 16:58 - 000003738 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2018-01-24 16:37 - 2018-01-24 16:37 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Intel
2018-01-24 16:35 - 2018-01-24 16:35 - 000000000 ____D C:\Users\Petr\Intel
2018-01-24 07:56 - 2018-01-24 14:59 - 000003834 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2018-01-24 07:56 - 2018-01-24 07:56 - 000003604 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2018-01-24 07:56 - 2018-01-24 07:56 - 000001359 _____ C:\Users\Public\Desktop\Small Business Advantage.lnk
2018-01-24 07:56 - 2018-01-24 07:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-01-24 07:56 - 2018-01-24 07:56 - 000000000 ____D C:\ProgramData\Intel(R) Update Manager
2018-01-20 15:55 - 2018-01-20 15:55 - 000000000 ____D C:\Users\Petr\Desktop\PC
2018-01-19 16:46 - 2018-01-19 16:48 - 000000000 ____D C:\Program Files\Speccy
2018-01-19 16:46 - 2018-01-19 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2018-01-19 16:45 - 2018-02-06 15:20 - 000000000 ____D C:\Program Files\CCleaner
2018-01-19 16:45 - 2018-01-20 15:56 - 000000000 ____D C:\Program Files\Recuva
2018-01-19 16:45 - 2018-01-19 16:45 - 000002868 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-01-19 16:45 - 2018-01-19 16:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2018-01-19 16:45 - 2018-01-19 16:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-01-19 12:51 - 2018-01-19 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-01-13 12:43 - 2018-01-13 12:43 - 000000000 ____D C:\Users\Petr\AppData\Local\Nexus
2018-01-11 21:07 - 2018-01-11 21:07 - 000000000 ____D C:\Users\Petr\AppData\Local\LOOT

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-10 18:40 - 2016-12-21 10:23 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Mozilla
2018-02-10 18:08 - 2017-11-02 15:35 - 002340072 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-10 18:08 - 2017-09-30 15:31 - 001038024 _____ C:\WINDOWS\system32\perfh005.dat
2018-02-10 18:08 - 2017-09-30 15:31 - 000238698 _____ C:\WINDOWS\system32\perfc005.dat
2018-02-10 18:01 - 2017-11-02 15:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-10 18:01 - 2017-09-29 09:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-02-10 18:01 - 2017-05-06 11:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-02-10 18:01 - 2017-04-20 14:11 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-10 18:01 - 2016-12-21 10:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-10 18:00 - 2016-12-21 15:40 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Temp
2018-02-10 15:45 - 2017-11-02 15:30 - 000004208 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0168F5E8-EA3A-41FF-8341-6C0993646D71}
2018-02-10 13:57 - 2017-11-02 15:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-09 13:22 - 2016-12-21 10:23 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-02-09 10:08 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-09 10:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-08 22:30 - 2017-01-08 17:43 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2018-02-08 22:30 - 2016-09-13 17:44 - 000000000 ____D C:\Program Files (x86)\Steam
2018-02-08 18:01 - 2016-12-24 10:39 - 000280856 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2018-02-08 18:01 - 2016-12-23 10:35 - 000280856 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2018-02-08 11:20 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-02-07 20:39 - 2017-03-12 22:09 - 000811760 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2018-02-07 17:03 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-02-07 09:29 - 2017-11-02 15:27 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2018-02-06 15:30 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-02-06 15:30 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-02-06 10:09 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-02-06 10:08 - 2016-12-21 12:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-02-01 06:43 - 2017-11-02 15:30 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-760769228-1290641064-2046472209-1001
2018-02-01 06:43 - 2016-12-02 12:53 - 000002384 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-02-01 06:43 - 2016-12-02 12:53 - 000000000 ___RD C:\Users\Petr\OneDrive
2018-01-30 14:08 - 2016-12-21 19:19 - 000000000 ____D C:\Users\Petr\Desktop\HRY
2018-01-28 10:34 - 2017-05-18 14:22 - 000000000 ____D C:\Users\Petr\AppData\Local\Battle.net
2018-01-28 10:34 - 2016-09-13 17:46 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-01-28 01:05 - 2016-12-28 06:25 - 000000000 ____D C:\Users\Petr\AppData\Local\Fallout4
2018-01-28 00:21 - 2016-12-23 08:47 - 000000000 ____D C:\Users\Petr\AppData\Local\Black_Tree_Gaming
2018-01-26 14:25 - 2016-09-13 17:44 - 000000000 ____D C:\ProgramData\Origin
2018-01-26 14:20 - 2017-01-12 15:51 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Origin
2018-01-25 19:35 - 2017-04-20 16:48 - 000000000 ____D C:\Users\Petr\AppData\Roaming\TS3Client
2018-01-25 16:51 - 2017-11-14 14:34 - 000000000 ____D C:\Users\Petr\AppData\Local\Akamai
2018-01-24 16:58 - 2016-11-07 18:26 - 000000000 ____D C:\Program Files (x86)\Intel
2018-01-24 16:58 - 2016-09-13 17:43 - 000000000 ____D C:\ProgramData\Package Cache
2018-01-24 16:47 - 2016-11-07 18:12 - 000000000 ___HD C:\Program Files (x86)\Temp
2018-01-24 16:44 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-01-24 16:44 - 2017-04-20 14:11 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-01-24 16:38 - 2016-11-07 18:26 - 000000000 ____D C:\ProgramData\Intel
2018-01-24 16:37 - 2016-11-07 18:25 - 000000000 ____D C:\Program Files\Intel
2018-01-24 16:35 - 2017-11-02 15:27 - 000000000 ____D C:\Users\Petr
2018-01-24 07:52 - 2017-04-22 10:32 - 000097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-01-24 07:52 - 2017-04-22 10:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-01-24 07:52 - 2017-04-22 10:31 - 000000000 ____D C:\Program Files (x86)\Java
2018-01-24 07:52 - 2017-01-07 11:38 - 000000000 ____D C:\ProgramData\Oracle
2018-01-20 15:56 - 2017-01-25 16:55 - 000000000 ____D C:\Users\Petr\Desktop\Stahovani Filmy ...atd
2018-01-19 15:32 - 2017-11-01 20:51 - 000134368 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2018-01-19 15:32 - 2017-11-01 20:51 - 000106304 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2018-01-19 15:31 - 2017-11-01 20:51 - 000180088 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2018-01-19 15:31 - 2017-11-01 20:51 - 000107328 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2018-01-19 15:31 - 2017-11-01 20:51 - 000081880 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2018-01-19 15:31 - 2017-11-01 20:51 - 000050744 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2018-01-19 13:33 - 2017-11-14 15:25 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2018-01-19 13:28 - 2017-11-02 15:25 - 000430928 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-19 13:25 - 2017-11-14 14:36 - 000000000 ____D C:\ProgramData\Autodesk
2018-01-19 13:22 - 2017-07-11 17:07 - 000000000 ____D C:\Users\Petr\AppData\Local\Google
2018-01-19 13:22 - 2017-07-11 17:07 - 000000000 ____D C:\Program Files (x86)\Google
2018-01-19 13:14 - 2017-02-23 16:44 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spencer Sharkey
2018-01-19 13:13 - 2017-11-14 14:45 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared
2018-01-19 13:08 - 2017-11-14 15:00 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Autodesk
2018-01-19 12:51 - 2016-09-13 17:44 - 000000000 ____D C:\ProgramData\Electronic Arts

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-05 13:22

==================== End of FRST.txt ============================
