Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Zapráskaný notebook

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
KebiQ
Návštěvník
Návštěvník
Příspěvky: 69
Registrován: 18 lis 2011 22:59

Zapráskaný notebook

#1 Příspěvek od KebiQ »

Dobrý den, rád bych vás požádal, zda-li kdybyste měli chvilku, mi mohli kouknout na log z RSIT. Důvodné podezření na nějaké neplechy v počítači, děkuji.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Patrik at 2018-02-13 20:47:30
Microsoft Windows 10 Home
System drive C: has 27 GB (3%) free of 941 GB
Total RAM: 8065 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:47:35, on 13.02.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0015)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Users\Patrik\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Dell Update\DellUpTray.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Program Files\trend micro\Patrik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell15.msn.com/?pc=DCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Patrik\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [GalaxyClient] C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Patrik\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Patrik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\IntelCpHDCPSvc.exe
O23 - Service: Dell Customer Connect - Dell Inc. - C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
O23 - Service: Dell Foundation Services - Dell - C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: Dell Update Service (DellUpdate) - Dell Inc. - C:\Program Files (x86)\Dell Update\DellUpService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @oem14.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Unknown owner - C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @oem97.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) WiDi Software Asset Manager (Intel(R) WiDi SAM) - Intel Corporation - C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Product Registration - Dell - C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Waves Audio Services (WavesSysSvc) - Waves Audio Ltd. - C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 13017 bytes

======Listing Processes======







C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-56fc1ed8-1708-48f7-8870-8e96f2640a16 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-41cea5ae-f053-4d87-a350-16b90127645f -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-dbae7665-86ee-46eb-bdc9-aa9d8ea96919 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-5e2bd8f8-bf30-4307-83f6-a181ad5122a1 -LifetimeId:03034fa4-d2b9-4d3c-950f-147ae297c35e -DeviceGroupId:
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS

C:\WINDOWS\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s BthHFSrv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k localservice -p -s SEMgrSvc
dashost.exe {3eba0ede-0c18-4ae1-aa1ceffd7beed17d}
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\WINDOWS\system32\AUDIODG.EXE 0x414
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\WINDOWS\system32\WLANExt.exe 2370431337824
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
"C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
"C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"

c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\ibtsiva

\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
"C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe" -s
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s FDResPub
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s HomeGroupProvider

C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Dell Customer Connect\DCCService.exe"
"C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe"
"c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe"
"C:\Program Files (x86)\Dell Update\DellUpService.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Dell\Dell Product Registration\PRSvc.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
C:\WINDOWS\System32\svchost.exe -k smphost
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"fontdrvhost.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SENDINPUT
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -c
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\WINDOWS\TEMP\DPTF\esif_assist_64.exe"
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\WINDOWS\Explorer.EXE
"C:\WINDOWS\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\igfxEM.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-d8ac1aee-04a8-4cc3-85bd-8b66f3b47df8 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-cabbe5f5-60f7-4b69-a9bf-c5704eff0816 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-ac2a185e-3b41-43cf-a5ed-dd03e388be6e -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-4eaaf070-d0ff-4c04-b8f0-cd971347e1eb -LifetimeId:f6adb1b2-deec-4d04-9d5d-be2cd2dedc79 -DeviceGroupId:WudfDefaultDevicePool
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\Windows\System32\RuntimeBroker.exe -Embedding

"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"ctfmon.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
C:\WINDOWS\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\IntelCpHeciSvc.exe
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX6
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe"
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe" -Embedding
szndesktop.exe default start
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Users\Patrik\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --disable-gpu-compositing --no-sandbox --primordial-pipe-token=537D72852F4D3331B354527419D10268 --lang=en-US --lang=en-US --log-file="C:\Users\Patrik\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=537D72852F4D3331B354527419D10268 --renderer-client-id=2 --mojo-platform-channel-handle=1836 /prefetch:1
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
chrome.exe --no-default-browser-check --new-window about:blank
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Patrik\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Patrik\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=64.0.3282.140 --initial-client-data=0x1d4,0x1d8,0x1dc,0x1d0,0x1e0,0x7ffc62622050,0x7ffc62622060,0x7ffc62622070
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=8344 --on-initialized-event-handle=644 --parent-handle=648 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1432,2285318369889246576,4088859390287694910,131072 --gpu-preferences=GAAAAAAAAAAABwAAAQAAAAAAAAAAAGAA --gpu-vendor-id=0x8086 --gpu-device-id=0x191b --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=21.20.16.4590 --gpu-driver-date=1-18-2017 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x139b --service-request-channel-token=EB45199806D4AB7DEB0599695A024D57 --mojo-platform-channel-handle=1468 --ignored=" --type=renderer " /prefetch:2
c:\windows\system32\svchost.exe -k unistacksvcgroup
/x /hideintroballoon /launchedbywindowsservice
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s DoSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe" -ServerName:App.AppX4qs51dybty2brt57cnxbh1cyc25fernm.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1432,2285318369889246576,4088859390287694910,131072 --service-pipe-token=6E2C04ACD71074A456AB7567ED89D381 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=6E2C04ACD71074A456AB7567ED89D381 --renderer-client-id=31 --mojo-platform-channel-handle=4696 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1432,2285318369889246576,4088859390287694910,131072 --service-pipe-token=D1EDA24C5C5774CE24EA3177AFE74508 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=D1EDA24C5C5774CE24EA3177AFE74508 --renderer-client-id=36 --mojo-platform-channel-handle=4264 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\Windows\System32\smartscreen.exe -Embedding
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
"C:\Users\Patrik\Downloads\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2017-05-04 9226752]
"RtHDVBg_MAXX6"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-05-04 1485312]
"RtHDVBg_PushButton"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-05-04 1485312]
"QuickSet"=c:\Program Files\Dell\QuickSet\QuickSet.exe [2015-04-30 3075552]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-07-30 36352]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2017-06-21 1903224]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2017-01-19 176440]
"WavesSvc"=C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [2017-01-26 723928]
"Malwarebytes TrayApp"=C:\PROGRAM FILES/MALWAREBYTES/ANTI-MALWARE\mbamtray.exe [2016-12-14 2776528]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Patrik\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-01-31 1554080]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-12-06 9288408]
"GalaxyClient"=C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [2017-03-12 4013120]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-12-20 2876704]
"cz.seznam.software.autoupdate"=C:\Users\Patrik\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Patrik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2017-06-29 5885352]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-02-11 12:58:52 ----D---- C:\WINDOWS\system32\drivers\wd
2018-01-16 22:06:07 ----D---- C:\Program Files (x86)\The Elder Scrolls V Skyrim LE
2018-01-14 20:58:51 ----D---- C:\Program Files (x86)\Dell Update

======List of files/folders modified in the last 1 month======

2018-02-13 20:47:33 ----D---- C:\Program Files\trend micro
2018-02-13 20:43:41 ----D---- C:\WINDOWS\DeliveryOptimization
2018-02-13 20:43:32 ----D---- C:\WINDOWS\Temp
2018-02-13 20:43:29 ----D---- C:\WINDOWS\Logs
2018-02-13 20:42:10 ----D---- C:\WINDOWS\system32\sru
2018-02-13 20:42:03 ----D---- C:\Users\Patrik\AppData\Roaming\Seznam.cz
2018-02-13 20:40:49 ----D---- C:\WINDOWS\Prefetch
2018-02-13 20:40:20 ----HD---- C:\Program Files\WindowsApps
2018-02-13 20:40:18 ----D---- C:\WINDOWS\AppReadiness
2018-02-13 20:39:41 ----D---- C:\ProgramData\NVIDIA
2018-02-11 13:28:29 ----D---- C:\WINDOWS\system32\SleepStudy
2018-02-11 13:08:34 ----D---- C:\WINDOWS\system32\config
2018-02-11 13:05:47 ----D---- C:\WINDOWS\System32
2018-02-11 13:05:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-11 12:58:52 ----D---- C:\WINDOWS\system32\drivers
2018-02-10 22:53:18 ----D---- C:\WINDOWS\CbsTemp
2018-02-10 22:53:13 ----D---- C:\WINDOWS\WinSxS
2018-02-10 22:53:13 ----D---- C:\WINDOWS\SysWOW64
2018-02-10 22:53:02 ----D---- C:\WINDOWS\system32\catroot2
2018-02-10 22:52:50 ----SHD---- C:\System Volume Information
2018-02-10 22:52:02 ----AD---- C:\Program Files (x86)\Opera
2018-02-10 20:57:07 ----D---- C:\WINDOWS\system32\Tasks
2018-02-10 20:56:59 ----D---- C:\Windows
2018-02-10 10:45:29 ----D---- C:\Users\Patrik\AppData\Roaming\vlc
2018-02-06 16:50:11 ----D---- C:\WINDOWS\INF
2018-02-06 16:49:51 ----D---- C:\WINDOWS\LiveKernelReports
2018-02-06 03:49:15 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2018-02-03 20:22:50 ----D---- C:\WINDOWS\system32\LogFiles
2018-02-03 20:09:27 ----RD---- C:\WINDOWS\Microsoft.NET
2018-01-31 18:41:34 ----D---- C:\Users\Patrik\AppData\Roaming\uTorrent
2018-01-25 17:02:45 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2018-01-22 18:19:42 ----RD---- C:\Program Files (x86)
2018-01-15 22:36:30 ----D---- C:\WINDOWS\system32\DriverStore
2018-01-14 21:00:39 ----SHDC---- C:\WINDOWS\Installer
2018-01-14 21:00:39 ----SHD---- C:\Config.Msi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-07-30 1462720]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-01-01 59800]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-09-29 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-09-29 8192]
R1 MpKsl3e615b14;MpKsl3e615b14; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FC50717C-28D8-4CAB-B3A5-D4B001157F99}\MpKsl3e615b14.sys [2018-02-13 58120]
R1 MpKsl40b16141;MpKsl40b16141; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B7CFECC8-100A-41B0-9736-07DE7E648E0F}\MpKsl40b16141.sys [2018-02-10 58120]
R1 MpKslad6486f5;MpKslad6486f5; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0515306E-12BE-4CA5-ABA8-6F1818790161}\MpKslad6486f5.sys [2018-02-10 58120]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-01-01 385024]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-09-29 43520]
R3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2017-09-29 191488]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2017-09-29 105472]
R3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth handsfree; C:\WINDOWS\system32\DRIVERS\BthHfAud.sys [2017-09-29 46592]
R3 bthl2cap;@bthl2cap.inf,%bthl2cap_desc%;Ovladač podpory protokolu Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\bthl2cap.sys [2017-09-29 83968]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-09-29 78848]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-09-29 129536]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-09-29 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
R3 DellRbtn;@oem31.inf,%DellRbtn%;Airplane Mode Switch; C:\WINDOWS\System32\drivers\DellRbtn.sys [2015-05-08 19440]
R3 dptf_acpi;dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [2016-05-18 70208]
R3 dptf_cpu;dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [2016-05-18 65088]
R3 esif_lf;esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [2016-05-18 343608]
R3 Hamachi;@oem4.inf,%Hamachi.Service.DispName%;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\System32\drivers\Hamdrv.sys [2017-05-22 45680]
R3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
R3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-09-29 171520]
R3 ibtusb;@oem97.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2016-10-14 250624]
R3 igfx;igfx; C:\WINDOWS\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\igdkmd64.sys [2017-02-20 11060192]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2017-05-04 5753856]
R3 IntcDAud;@oem127.inf,%IntcAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-12-05 820752]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2018-02-11 251840]
R3 MEIx64;@oem65.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2015-10-09 185600]
R3 Netwtw04;___ Intel(R) Wireless Adapter Driver for Windows 10 - 64 Bit; C:\WINDOWS\System32\drivers\Netwtw04.sys [2017-09-29 7689728]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_eb8e050d8fbbf1b3\nvlddmkm.sys [2017-05-02 14456944]
R3 nvvad_WaveExtensible;@oem44.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-06-21 48248]
R3 nvvhci;@oem77.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2017-06-21 57976]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-09-29 189440]
R3 rt640x64;@oem134.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-05-29 886528]
R3 RTSPER;@oem26.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2016-03-21 777944]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-09-29 123800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-09-29 103320]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-09-29 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-09-29 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2017-10-25 1015296]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-29 39424]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-09-29 122368]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-09-29 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-09-29 50584]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-09-29 73112]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-09-29 91648]
S3 iaLPSS2_SPI;Intel(R) Serial IO SPI Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_SPI.sys [2015-06-17 152360]
S3 iaLPSS2_UART2;Intel(R) Serial IO UART Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_UART2.sys [2015-06-17 281896]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-09-29 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-09-29 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-09-29 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-09-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 Netwtw02;___ Ovladač adaptéru Intel(R) Wireless pro systém Windows 10 64 Bit; C:\WINDOWS\System32\drivers\Netwtw02.sys [2015-08-24 7075568]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-06-21 30328]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-09-29 936856]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-09-30 56216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-09-22 83768]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CDPUserSvc_28fc14;Uživatelská služba platformy připojených zařízení_28fc14; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 Dell Customer Connect;Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [2017-09-19 130936]
R2 Dell Foundation Services;Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [2017-01-11 97616]
R2 DellDigitalDelivery;Dell Digital Delivery Service; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2015-06-24 238320]
R2 DellUpdate;Dell Update Service; C:\Program Files (x86)\Dell Update\DellUpService.exe [2017-11-21 232320]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 esifsvc;@oem14.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [2016-06-03 1585784]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2017-02-13 640928]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2017-06-29 3418024]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-07-27 18856]
R2 ibtsiva;@oem97.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\igfxCUIService.exe [2017-02-20 341976]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-10-16 207648]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [2016-05-27 419248]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-10-16 415520]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2016-12-14 4317648]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-21 495224]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-05-01 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-06-21 450168]
R2 OneSyncSvc_28fc14;Hostitel synchronizace_28fc14; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 Product Registration;Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [2017-04-06 47144]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2017-02-13 157600]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2017-05-04 324608]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-01-01 519152]
R3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\IntelCpHeciSvc.exe [2017-02-20 303064]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-11-18 43648]
R3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2017-01-19 651576]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 PimIndexMaintenanceSvc_28fc14;Data kontaktů_28fc14; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-18 107848]
S2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2018-01-03 6971400]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\IntelCpHDCPSvc.exe [2017-02-20 480224]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc_28fc14;Tok zařízení_28fc14; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-09-29 85504]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 GalaxyClientService;GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2017-03-12 284736]
S3 GalaxyCommunication;GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [2016-11-10 6625856]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-18 107848]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 Intel(R) WiDi SAM;Intel(R) WiDi Software Asset Manager; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-24 19088]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService_28fc14;Služba zasílání zpráv_28fc14; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2017-02-13 268704]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-21 495224]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc_28fc14;PrintWorkflow_28fc14; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-09-29 1288704]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-01-01 956416]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]

-----------------EOF-----------------

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Zapráskaný notebook

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Ak nepouzivas, odporcam odinstalovat Seznam.cz listicku, vratane doplnkov v prehliadacoch.

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Scan (Skenovanie) a pockaj na dokoncenie
  • Klikni na Clean (Cistenie) a potvrd kliknutim na OK
  • AdwCleaner si vyziada restart PC, potvrd kliknutim na Restart Now (Restartovat teraz)
  • Po dokonceni a restartovani PC vyskoci log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

KebiQ
Návštěvník
Návštěvník
Příspěvky: 69
Registrován: 18 lis 2011 22:59

Re: Zapráskaný notebook

#3 Příspěvek od KebiQ »

# AdwCleaner 7.0.8.0 - Logfile created on Tue Feb 13 20:12:04 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [1731 B] - [2017/1/2 18:24:59]
C:/AdwCleaner/AdwCleaner[C2].txt - [1444 B] - [2017/7/13 19:44:15]
C:/AdwCleaner/AdwCleaner[S0].txt - [2945 B] - [2017/1/2 18:23:45]
C:/AdwCleaner/AdwCleaner[S1].txt - [1969 B] - [2017/1/2 18:24:51]
C:/AdwCleaner/AdwCleaner[S2].txt - [1661 B] - [2017/7/13 19:42:16]
C:/AdwCleaner/AdwCleaner[S3].txt - [1736 B] - [2017/7/13 19:44:0]
C:/AdwCleaner/AdwCleaner[S4].txt - [1349 B] - [2018/2/13 20:9:18]


########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt ##########

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Zapráskaný notebook

#4 Příspěvek od Conder »

:arrow: Poprosim o obidva logy z FRST podla tohto navodu (FRST.txt a Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

:arrow: V pripade, ze sa FRSTLauncher nebude dat stiahnut alebo spustit, pouzi iba samotny FRST.

:arrow: Ak sa logy nezmestia do jedneho prispevku, zabal ich do archivu RAR alebo ZIP a posli ako prilohu.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

KebiQ
Návštěvník
Návštěvník
Příspěvky: 69
Registrován: 18 lis 2011 22:59

Re: Zapráskaný notebook

#5 Příspěvek od KebiQ »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12.02.2018
Ran by Patrik (administrator) on KEBIQ (13-02-2018 21:32:18)
Running from C:\Users\Patrik\Downloads
Loaded Profiles: Patrik (Available Profiles: Patrik)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\igfxEM.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\IntelCpHeciSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9226752 2017-05-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-05-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-05-04] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3075552 2015-04-30] (Dell Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-27] (Intel Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Audio Ltd.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES/MALWAREBYTES/ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5885352 2017-06-29] (LogMeIn Inc.)
HKU\S-1-5-21-2257346106-4197404688-2382006227-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-2257346106-4197404688-2382006227-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [4013120 2017-03-12] (GOG.com)
HKU\S-1-5-21-2257346106-4197404688-2382006227-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{574bd187-b470-42a1-8657-20da70b3e86a}: [DhcpNameServer] 10.0.1.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2257346106-4197404688-2382006227-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-2257346106-4197404688-2382006227-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-2257346106-4197404688-2382006227-1001 -> DefaultScope {514B86D4-6BD8-44DA-B96D-C55E6434F7BD} URL =
SearchScopes: HKU\S-1-5-21-2257346106-4197404688-2382006227-1001 -> {09AC9B2E-643C-4C40-A3B7-FE4FE15F23C5} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2257346106-4197404688-2382006227-1001 -> {514B86D4-6BD8-44DA-B96D-C55E6434F7BD} URL =

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-25] (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)

Chrome:
=======
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=C214CZ105D20161013&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default [2018-02-13]
CHR Extension: (Prezentace) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Dokumenty) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-18]
CHR Extension: (YouTube) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-18]
CHR Extension: (Reload All Tabs) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdgfnbmmbdphnfhfjaidoanbdlpjgcfp [2016-10-25]
CHR Extension: (Tabulky) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-10]
CHR Extension: (Seznam pro Chrome - Esko) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-01-14]
CHR Extension: (Gmail) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-18]
CHR Extension: (Chrome Media Router) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-13]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2018-01-03] ()
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc.)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [232320 2017-11-21] (Dell Inc.)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1585784 2016-06-03] (Intel Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [284736 2017-03-12] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2016-11-10] (GOG.com)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024 2017-06-29] (LogMeIn Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-27] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190216 2016-10-14] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-24] (Intel Corporation)
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-10-16] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2017-02-13] ()
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-05-04] (Realtek Semiconductor)
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [615384 2017-02-07] (Waves Audio Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-19] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-19] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3743648 2017-02-13] (Intel® Corporation)
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (OSR Open Systems Resources, Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [70208 2016-05-18] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [65088 2016-05-18] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [343608 2016-05-18] (Intel Corporation)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2017-05-22] (LogMeIn Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [250624 2016-10-14] (Intel Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251840 2018-02-13] (Malwarebytes)
S3 Netwtw02; C:\WINDOWS\System32\drivers\Netwtw02.sys [7075568 2015-08-24] (Intel Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2017-09-29] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_eb8e050d8fbbf1b3\nvlddmkm.sys [14456944 2017-05-02] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-06-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-06-21] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-06-21] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [777944 2016-03-21] (Realsil Semiconductor Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-19] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-19] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-19] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-13 21:32 - 2018-02-13 21:33 - 000019287 _____ C:\Users\Patrik\Downloads\FRST.txt
2018-02-13 21:28 - 2018-02-13 21:29 - 002405376 _____ (Farbar) C:\Users\Patrik\Downloads\FRST64.exe
2018-02-13 21:13 - 2018-02-13 21:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-13 21:04 - 2018-02-13 21:05 - 008222496 _____ (Malwarebytes) C:\Users\Patrik\Desktop\adwcleaner_7.0.8.0.exe
2018-02-07 19:32 - 2018-02-07 19:32 - 000000758 _____ C:\Users\Patrik\Documents\Obrázky – zástupce.lnk
2018-01-31 18:12 - 2018-01-31 18:15 - 000000000 ____D C:\Users\Patrik\Downloads\Bratrstvo neohrožených
2018-01-31 17:58 - 2018-01-31 18:03 - 1699127296 _____ C:\Users\Patrik\Downloads\Na hraně zítřka.avi
2018-01-28 21:07 - 2018-01-28 21:09 - 970225483 _____ C:\Users\Patrik\Downloads\Sinister.2.2015.BDRip.x264.CZ-TreZzoR.mkv
2018-01-28 21:05 - 2018-01-28 21:06 - 1799681992 _____ C:\Users\Patrik\Downloads\Sinister.2.2015.720p.BluRay.DTS.x264.CZ-.mkv
2018-01-19 22:05 - 2018-01-19 22:11 - 000000000 ____D C:\Users\Patrik\Downloads\It.2017.CZ.BRRip.XViD.DD2.0-BST
2018-01-16 22:32 - 2018-01-16 22:32 - 000001259 _____ C:\Users\Public\Desktop\The Elder Scrolls V Skyrim LE.lnk
2018-01-16 22:32 - 2018-01-16 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Repacky od tomi2k9
2018-01-16 22:06 - 2018-01-16 22:32 - 000000000 ____D C:\Program Files (x86)\The Elder Scrolls V Skyrim LE
2018-01-14 21:20 - 2018-01-14 02:18 - 000000232 ___SH C:\Users\Public\Libraries.ini
2018-01-14 20:58 - 2018-01-14 20:58 - 000000000 ____D C:\Program Files (x86)\Dell Update

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-13 21:32 - 2017-07-13 21:19 - 000000000 ____D C:\FRST
2018-02-13 21:19 - 2017-11-18 16:27 - 002109148 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-13 21:19 - 2017-09-30 15:31 - 000920080 _____ C:\WINDOWS\system32\perfh005.dat
2018-02-13 21:19 - 2017-09-30 15:31 - 000200662 _____ C:\WINDOWS\system32\perfc005.dat
2018-02-13 21:15 - 2017-05-29 17:04 - 000000000 ____D C:\Users\Patrik\AppData\Local\LogMeIn Hamachi
2018-02-13 21:14 - 2017-09-11 10:15 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-13 21:14 - 2016-10-12 15:16 - 000000000 __SHD C:\Users\Patrik\IntelGraphicsProfiles
2018-02-13 21:13 - 2017-01-03 15:12 - 000251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2018-02-13 21:12 - 2017-11-18 16:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-13 21:12 - 2017-09-29 09:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-02-13 21:09 - 2017-01-02 19:22 - 000000000 ____D C:\AdwCleaner
2018-02-13 21:03 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-13 21:02 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-13 20:58 - 2017-01-02 21:20 - 000000000 ____D C:\Program Files (x86)\Seznam.cz
2018-02-13 20:58 - 2017-01-02 21:19 - 000000000 ____D C:\Users\Patrik\AppData\Roaming\Seznam.cz
2018-02-13 20:47 - 2016-11-10 22:20 - 000000000 ____D C:\Program Files\trend micro
2018-02-13 20:40 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-13 20:40 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-13 20:39 - 2017-11-18 16:29 - 000004214 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{43575CD2-112D-4CB5-99CB-6620133AC848}
2018-02-11 13:28 - 2017-11-18 16:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-11 12:58 - 2017-11-18 16:11 - 000000000 ____D C:\Users\Patrik
2018-02-10 22:52 - 2016-10-30 20:33 - 000000000 ____D C:\Program Files (x86)\Opera
2018-02-10 21:05 - 2016-10-18 18:15 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-10 10:45 - 2017-01-08 22:49 - 000000000 ____D C:\Users\Patrik\AppData\Roaming\vlc
2018-02-06 16:50 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-02-06 16:49 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-02-06 03:49 - 2017-12-18 00:07 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-02-06 03:49 - 2017-12-18 00:07 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-01-31 18:41 - 2016-10-18 20:05 - 000000000 ____D C:\Users\Patrik\AppData\Roaming\uTorrent
2018-01-31 17:46 - 2017-11-18 16:29 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2257346106-4197404688-2382006227-1001
2018-01-31 17:46 - 2016-10-12 15:19 - 000002396 _____ C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-31 17:46 - 2016-10-12 15:19 - 000000000 ___RD C:\Users\Patrik\OneDrive
2018-01-25 17:02 - 2016-11-12 08:54 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-01-23 21:21 - 2017-11-18 16:29 - 000003950 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1477856031
2018-01-21 21:34 - 2017-06-10 10:24 - 000000000 ____D C:\Users\Patrik\Desktop\Hry
2018-01-14 21:17 - 2016-10-12 15:16 - 000000000 ____D C:\Users\Patrik\AppData\Local\NVIDIA Corporation
2018-01-14 20:58 - 2016-01-27 09:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell

==================== Files in the root of some directories =======

2017-01-03 13:15 - 2017-01-03 13:15 - 000029696 _____ () C:\Users\Patrik\AppData\Local\MSGBOX.EXE

Some files in TEMP:
====================
2018-02-13 20:58 - 2018-02-13 20:58 - 000534528 _____ () C:\Users\Patrik\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-27 12:48

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12.02.2018
Ran by Patrik (13-02-2018 21:33:51)
Running from C:\Users\Patrik\Downloads
Windows 10 Home Version 1709 16299.192 (X64) (2017-11-18 15:36:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2257346106-4197404688-2382006227-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2257346106-4197404688-2382006227-503 - Limited - Disabled)
Guest (S-1-5-21-2257346106-4197404688-2382006227-501 - Limited - Disabled)
Patrik (S-1-5-21-2257346106-4197404688-2382006227-1001 - Administrator - Enabled) => C:\Users\Patrik
WDAGUtilityAccount (S-1-5-21-2257346106-4197404688-2382006227-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aktualizace NVIDIA 25.6.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 25.6.0.0 - NVIDIA Corporation) Hidden
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{66614300-cd9b-4a62-8b18-c97e9562dc3e}) (Version: 19.50.0 - Intel Corporation)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Dark Souls™ II verze v1.07 (HKLM-x32\...\Dark Souls™ II_is1) (Version: v1.07 - R.G. Danik1B9)
Dell Customer Connect (HKLM-x32\...\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}) (Version: 1.5.1.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{AB7F2792-2ED1-4C5C-9F28-680E5110BF72}) (Version: 3.1.1018.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell Update - SupportAssist Update Plugin (HKLM\...\{2228BC43-73DA-4F9A-BEE6-8E9C15328513}) (Version: 3.1.1.3832 - Dell Inc.)
Dell Update (HKLM-x32\...\{632610E3-5B12-403C-9C93-EF533ED1C113}) (Version: 1.10.5.0 - Dell Inc.)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.1.6664.10 - PC-Doctor, Inc.) Hidden
Epic Games Launcher (HKLM-x32\...\{8F89B0CF-8144-43EE-AB9F-B7F8F23D85FB}) (Version: 1.1.135.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.140 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Grand Theft Auto V Update v1.36 (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
Heroes of Might and Magic V Sběratelská Edice (HKLM-x32\...\Heroes of Might and Magic V Sběratelská EdiceVerze: h5 1.0, h5hof 2.1, h5tote 3.0) (Version: Verze: h5 1.0, h5hof 2.1, h5tote 3.0 - Ubisoft By_Etnik23)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.10900.330 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4590 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.0.1029 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{5DD8D7E4-87F1-4134-AD28-4228FB1A03BA}) (Version: 6.0.44.0 - Intel Corporation)
Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{86905E62-645F-482E-A417-82C812ABD787}) (Version: 1.1.383 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{9A287643-10C5-4463-B9D1-B2404CE18CCF}) (Version: 17.1.1529.1620 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Life is Strange verze 1.05 (HKLM-x32\...\Life is Strange_is1) (Version: 1.05 - Tomi2k9)
LogMeIn Hamachi (HKLM-x32\...\{BE82D2D7-6CA2-43B3-8C22-CCF6405806E7}) (Version: 2.2.0.579 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.579 - LogMeIn, Inc.)
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
Malwarebytes verze 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Memorium Easy Installer High Five - Rev3 (HKU\S-1-5-21-2257346106-4197404688-2382006227-1001\...\Memorium Easy Installer High Five - Rev3) (Version: - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2257346106-4197404688-2382006227-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{d98165f5-8b37-4100-8852-a0664374ff8a}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OpenOffice 4.1.3 (HKLM-x32\...\{7308600A-5231-459C-A3E2-A637F842CACA}) (Version: 4.13.9783 - Apache Software Foundation)
Opera Stable 50.0.2762.67 (HKLM-x32\...\Opera 50.0.2762.67) (Version: 50.0.2762.67 - Opera Software)
Ovládací panel NVIDIA 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 382.05 - NVIDIA Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.5.02 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21289 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8142 - Realtek Semiconductor Corp.)
Registrace produktu (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:) Hidden
Registrace produktu Dell (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:)
Rise of the Tomb Raider (HKLM-x32\...\{45F08513-973A-4C18-93FD-8E12B1908390}_is1) (Version: - Square Enix)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden
Software602 Form Filler (HKLM-x32\...\{04703FE3-1A8B-4467-88E6-3D6A1A0FA65A}) (Version: 4.70 - Software602 a.s.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold Crusader Extreme HD (HKLM-x32\...\GOGPACKSTRONGHOLDCRUSADERHD_is1) (Version: 2.0.0.6 - GOG.com)
Stronghold HD (HKLM-x32\...\GOGPACKSTRONGHOLDHD_is1) (Version: 2.0.0.3 - GOG.com)
TeamSpeak 3 Client (HKU\S-1-5-21-2257346106-4197404688-2382006227-1001\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Elder Scrolls V Skyrim LE (HKLM-x32\...\The Elder Scrolls V Skyrim LE_is1) (Version: - )
The Long Dark (HKLM-x32\...\1447763046_is1) (Version: 426 - GOG.com)
The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\GOGPACKTHEWITCHER2EE_is1) (Version: 3.4.0.25 - GOG.com)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.31.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - O víně a krvi (HKLM-x32\...\Blood and Wine_is1) (Version: 1.21.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Srdce z kamene (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.21.0.0 - GOG.com)
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\GOGPACKWITCHEREEDC_is1) (Version: 2.0.0.12 - GOG.com)
Total War - WARHAMMER II version 1.0 (HKLM\...\Total War - WARHAMMER II_is1) (Version: 1.0 - STEAMPUNKS)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2257346106-4197404688-2382006227-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2257346106-4197404688-2382006227-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2257346106-4197404688-2382006227-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2257346106-4197404688-2382006227-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2257346106-4197404688-2382006227-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2257346106-4197404688-2382006227-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers1: [PDFConv] -> {919CF7F5-9A8E-40B9-9588-2BECA5927D98} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2016-12-14] (Malwarebytes)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\igfxDTCM.dll [2017-02-20] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2016-12-14] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06C5160E-7821-4EDF-A08D-CFFAE85E5911} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-19] (Microsoft Corporation)
Task: {0F383ED0-3209-400B-9912-AB0D6F5967FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-19] (Microsoft Corporation)
Task: {11FCE7EF-230A-4F6B-96D0-F2FCF26EC4BB} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation)
Task: {12A689A5-A1C7-48CC-A7FA-5D4A371E5AA9} - System32\Tasks\Opera scheduled Autoupdate 1477856031 => C:\Program Files (x86)\Opera\launcher.exe [2018-01-22] (Opera Software)
Task: {1528BF43-405A-4CBA-A55C-388C83562679} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-21] (NVIDIA Corporation)
Task: {1EB67222-F7CA-45BD-ACE2-B01626357828} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-18] (Google Inc.)
Task: {224908C2-CC2C-41BB-9C82-B25C75AE0C48} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {2562B48D-76D2-4F21-9BEC-97BBEA22AEC8} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-05-20] (PC-Doctor, Inc.)
Task: {2B198DB9-6E0B-4BDF-8686-ECDED20ECB8C} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-24] (Intel Corporation)
Task: {2E79DB59-A8CD-40F5-B298-816D7D94AFF7} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-06-05] (Intel Corporation)
Task: {30DD3ED4-C0FB-453A-8265-5D2CBA748CA4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-19] (Microsoft Corporation)
Task: {30FBC1A5-9FDA-42AE-BF51-EFF4C35265F3} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-24] (Intel Corporation)
Task: {3228A2C6-042C-4262-90B7-630A4838E503} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {440018D4-965A-4843-BB07-C388EC5FEF83} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-05-04] (Realtek Semiconductor)
Task: {466F4BA3-6F15-460C-9F7E-3F7D5FC582A4} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-21] (NVIDIA Corporation)
Task: {5562C75A-4722-4873-805C-49E8FC507117} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-19] (Microsoft Corporation)
Task: {74AADA89-4A0E-42BE-8F43-1E45D716E106} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {7C3FD810-8264-4DCB-ACAD-9F92E2AE17EF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-18] (Google Inc.)
Task: {8F7AB1B2-3BE8-4DD0-8E10-3B373FAAF004} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation)
Task: {A0938E52-DA36-4157-8CD1-ABAA793E545E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-06-21] (NVIDIA Corporation)
Task: {C53A3514-6305-48B6-82E8-F7C9279DDD76} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {E107E7EE-EDB1-4E18-A350-0BD0D674767D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-21] (NVIDIA Corporation)
Task: {E2699DCB-BF7E-4B29-A0FB-EFBFACF7C044} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)
Task: {E3FFBAD2-52D0-4280-A9FD-01011FBC3F60} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 001353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-19 18:11 - 2015-05-19 18:11 - 000007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
2016-10-18 18:55 - 2017-06-21 08:07 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-01-03 15:12 - 2017-03-18 22:56 - 002264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-12-13 11:42 - 2017-11-26 13:23 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-13 11:42 - 2017-11-26 13:01 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-31 17:46 - 2018-01-31 17:46 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-31 17:46 - 2018-01-31 17:46 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-01-31 17:46 - 2018-01-31 17:47 - 025135104 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-01-31 17:46 - 2018-01-31 17:46 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\skypert.dll
2018-02-10 21:05 - 2018-02-01 07:13 - 004433752 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.140\libglesv2.dll
2018-02-10 21:05 - 2018-02-01 07:13 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.140\libegl.dll
2016-10-18 18:55 - 2017-06-21 08:07 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-18 18:56 - 2017-06-21 08:06 - 066837112 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 001041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-09-19 09:35 - 2017-09-19 09:35 - 000134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2015-06-24 01:26 - 2015-06-24 01:26 - 000155888 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2017-11-21 13:50 - 2017-11-21 13:50 - 000134016 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2015-10-16 15:14 - 2015-10-16 15:14 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [119]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2017-01-03 13:16 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2257346106-4197404688-2382006227-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Patrik\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\iSIwOG1.jpg
DNS Servers: 10.0.1.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "QuickSet"
HKU\S-1-5-21-2257346106-4197404688-2382006227-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-2257346106-4197404688-2382006227-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2257346106-4197404688-2382006227-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2257346106-4197404688-2382006227-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{0D8B409F-80A0-497E-B4CD-C4CF858BCFB3}C:\program files\total war - warhammer ii\warhammer2.exe] => (Allow) C:\program files\total war - warhammer ii\warhammer2.exe
FirewallRules: [TCP Query User{2BCF7BB1-EEE0-40F8-8B38-400179594686}C:\program files\total war - warhammer ii\warhammer2.exe] => (Allow) C:\program files\total war - warhammer ii\warhammer2.exe
FirewallRules: [{9682B3A8-2CD6-49D2-A7AB-AD81C3FCFD2C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B08F3113-F711-40D6-BB08-6973BEE704C3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C53CD76F-4126-4BA0-9CAF-9D12DA656671}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{236E55FB-BA4C-4689-9633-A35FB4D2EFB7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{436AADA1-0DF0-4218-9087-F8B4596D7342}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A4AF4EF7-3DBB-45FD-B444-64274BEB6A8B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9F17C9FF-AF6B-4991-B76E-F1E89725D527}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{AC071C1D-037A-40ED-AE39-B9455D107E84}C:\users\patrik\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\patrik\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{D9073339-AB68-47F2-808F-37877780FBF3}C:\users\patrik\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\patrik\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{FF7D9B06-0C9A-44DE-88CB-E6C7BA7A2134}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C96C2D83-E69F-4519-A1D0-51B5FF8E15BF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{74A7397B-73C1-4794-A81F-8FAA31EDDD59}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{4A5C70DE-B593-4BE0-A41A-9E7C4105237D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{A3DFDC07-F499-4013-9368-7606CA51B8AA}C:\users\patrik\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\patrik\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{92C92A3F-8BDF-4065-BE5C-4BDE5B8A6C55}C:\users\patrik\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\patrik\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{AE75A437-A689-4C5B-9182-1F26F9A5153C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{AD66BD5A-140A-48FE-8A90-78F3E6462757}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A2A4E277-9B56-4022-BB87-617332F5E710}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8FF33936-F285-4A86-9D8F-B6AA214CEF3C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{57C48997-AABD-4BB3-8114-98A36C353786}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{7AEDBB83-F1AE-4F0A-ABC1-2469D9703DF2}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C0D9DBF5-4DB2-4084-BE55-A0480D97F834}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{E2456754-77A5-4479-A471-A9FACC389FE6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{98F6314F-3EB0-47B7-AFBA-EF56FF7B305E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DB48A19E-9E2C-4CE0-948F-802CB350BEBE}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{68A15D45-87A6-4505-BB70-9652CAF9C01E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{3FFAD277-C658-445C-BBD4-B0988F84A2B9}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F25DA227-DD27-4042-A209-E9BA1D27D6C4}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B34F77F0-1A48-4D48-92D8-7644B10E9763}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{76E9F7E8-2389-4E70-9FB9-E734435E90FE}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{7B70A189-0154-4164-ADAD-803870B3C1B6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{3C03F48B-9940-4B2E-9573-77A37696239E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{86B757F2-93A7-4BE2-8B8B-D133E8F4F008}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D7102B95-725F-4B57-8651-83CDFAED0A1B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C308A34C-34B0-4EAE-A3B2-F7166D2FB51D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{046945C2-5FFE-4B76-9ECC-3CC4D5EC66BE}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1984ED47-6333-4F4A-B1A7-867D31FFC08D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{7A4EBC20-CC01-40D9-B4FA-448620F72B50}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DDDB68E9-DE88-415F-8F56-677A88C25878}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B3FD9792-A935-4956-8690-3CBFDAA067A6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{16CFA766-8A92-442E-A5E8-3852BDC0A18A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{62BE40D0-3FE3-42A2-A622-4E3B2B7BBE63}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{5BCB27AB-21FE-4558-9051-911A1FE118F6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{60951C86-7C38-4B7A-A8B9-4364E9FB7A5A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{ED1A3389-7B02-4F52-B75C-2A6CDD276980}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0DACF11D-5F1E-46C7-BB0D-12F1716E2D5B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A7305722-9B48-4DDA-A67E-2559D54C1241}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D4996D63-5DF2-4F5B-8CBE-2F2528D63BC3}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{133D964C-B103-4F4B-B05F-352913AD0BAB}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DCA4F863-53DC-42B6-9013-237D88400029}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{7A34EC61-0D2E-44AE-B236-7896A8AF5735}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B5E75A56-FEAA-4A99-98D3-7ACC3D561027}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{80A690A3-BA67-4A15-8369-7F11D50F15F4}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6130D13C-1753-48D1-A1CB-CB2CB7FF71EC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{3CE1DBF1-E125-4909-901A-5B3CCC28D4D6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2D78D55E-F6D4-47A4-8B43-BB546584EC2E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{AD746836-7AC7-4AF0-8E97-5A1A086DE7A5}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1E580566-EE19-4ED1-924C-1A72484DB85E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0305F300-EC9F-497F-94D0-09233FDB94CC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F3EE20A8-CB68-43C1-B719-6F05B71BA320}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D74F2B3B-B297-4153-B1AE-82C77AF79535}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9F847651-24C3-4E65-AEC2-B4E46CEC7703}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D889B893-F092-4BF6-9B70-79109A9C6420}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{5AF8B11F-B654-4C64-A388-B455BCE1DA29}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{E0DDF183-635A-4E0D-BAE9-FB6284845A78}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{4025BFBA-3F61-4097-927F-8CE2AFD261C3}C:\windows\syswow64\dpnsvr.exe] => (Block) C:\windows\syswow64\dpnsvr.exe
FirewallRules: [UDP Query User{EAA4F3C3-D563-422B-88A9-199BF011B5EA}C:\windows\syswow64\dpnsvr.exe] => (Block) C:\windows\syswow64\dpnsvr.exe
FirewallRules: [TCP Query User{76DF3AB7-191F-47A6-BA74-6E85E4113ED5}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe
FirewallRules: [UDP Query User{F5944404-FEB0-4DD8-BC33-B971BC22031A}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe
FirewallRules: [{D8220D83-AF87-434C-A104-744FFE9E2242}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\GTA5.exe
FirewallRules: [{2F0F93A4-3648-4605-B1FC-C004CB48263D}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\GTA5.exe
FirewallRules: [{A6EA1EB9-CE22-4F4D-BD4A-DAA43DDB6C93}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\GTA5.exe
FirewallRules: [{B49DD764-4CCD-475D-B20C-E543EFE474DC}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\GTA5.exe
FirewallRules: [{9AA2A81A-24F9-4DF2-AD10-0BBC5EEB3D55}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{E258BF8B-92AC-4321-97C7-90D61091588D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6F369E61-0F4C-420C-845E-6FCD5D7885CD}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9E8EA351-D7C7-4D56-A64C-2B343EAFD058}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{3294CDA8-77F6-4513-BA43-AD23BE916431}C:\program files (x86)\gog galaxy\games\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) C:\program files (x86)\gog galaxy\games\the witcher 2 enhanced edition\bin\witcher2.exe
FirewallRules: [UDP Query User{F34EA9D3-1B33-43A7-BA90-99E9B3AFB6BD}C:\program files (x86)\gog galaxy\games\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) C:\program files (x86)\gog galaxy\games\the witcher 2 enhanced edition\bin\witcher2.exe
FirewallRules: [{938A4AE4-C875-406C-8A25-ED28B80A667C}] => (Block) C:\program files (x86)\gog galaxy\games\the witcher 2 enhanced edition\bin\witcher2.exe
FirewallRules: [{CAD10756-BC54-4949-BBCB-3B032042039C}] => (Block) C:\program files (x86)\gog galaxy\games\the witcher 2 enhanced edition\bin\witcher2.exe
FirewallRules: [{2ED65743-7DA8-413B-8734-FEF26DAF2CF5}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{8DAF8247-0072-4C09-8D6A-7BE9D6625A0E}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{8EDAE7D0-F944-43D9-AD83-D6C105E643FB}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{69861A97-F092-4E66-94C5-B278FEA8EDF9}C:\users\patrik\desktop\w3\war3.exe] => (Allow) C:\users\patrik\desktop\w3\war3.exe
FirewallRules: [UDP Query User{D358CF2A-BE4C-47DE-8B6C-FA0253146117}C:\users\patrik\desktop\w3\war3.exe] => (Allow) C:\users\patrik\desktop\w3\war3.exe
FirewallRules: [TCP Query User{1AA17C64-EFE5-4A9A-9547-3167BE5D3F03}C:\gog games\stronghold hd\stronghold.exe] => (Block) C:\gog games\stronghold hd\stronghold.exe
FirewallRules: [UDP Query User{EBFA78ED-8DA9-410D-82AA-FD5F9EA4DA51}C:\gog games\stronghold hd\stronghold.exe] => (Block) C:\gog games\stronghold hd\stronghold.exe
FirewallRules: [TCP Query User{87E9BFFA-0B4F-4112-BC84-92EDB11605FE}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{329DB269-1BD8-4598-847A-CA1F44ABEC47}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{A3875812-5AFE-4C3A-A767-666F49489C96}C:\gog games\stronghold crusader extreme hd\stronghold_crusader_extreme.exe] => (Block) C:\gog games\stronghold crusader extreme hd\stronghold_crusader_extreme.exe
FirewallRules: [UDP Query User{8F0DD8DD-B2A1-491A-BFC3-79CC09821F7A}C:\gog games\stronghold crusader extreme hd\stronghold_crusader_extreme.exe] => (Block) C:\gog games\stronghold crusader extreme hd\stronghold_crusader_extreme.exe
FirewallRules: [TCP Query User{280745F4-732E-4794-9943-C3BEE031D8F1}C:\gog games\stronghold crusader extreme hd\stronghold crusader.exe] => (Block) C:\gog games\stronghold crusader extreme hd\stronghold crusader.exe
FirewallRules: [UDP Query User{88AB502B-8FC4-4931-B8B4-1BDE2909A398}C:\gog games\stronghold crusader extreme hd\stronghold crusader.exe] => (Block) C:\gog games\stronghold crusader extreme hd\stronghold crusader.exe
FirewallRules: [TCP Query User{928C9B58-DD94-4A1B-A10A-B8833DE6AB33}C:\program files (x86)\heroes of might and magic v sběratelská edice\tribes of the east\bin\h5_game.exe] => (Block) C:\program files (x86)\heroes of might and magic v sběratelská edice\tribes of the east\bin\h5_game.exe
FirewallRules: [UDP Query User{13F87C55-054D-4945-A325-1131209AF4C6}C:\program files (x86)\heroes of might and magic v sběratelská edice\tribes of the east\bin\h5_game.exe] => (Block) C:\program files (x86)\heroes of might and magic v sběratelská edice\tribes of the east\bin\h5_game.exe
FirewallRules: [TCP Query User{5296B830-FFD7-48C7-AC52-CA8BDD0354C4}C:\program files (x86)\heroes of might and magic v sběratelská edice\bin\h5_game.exe] => (Block) C:\program files (x86)\heroes of might and magic v sběratelská edice\bin\h5_game.exe
FirewallRules: [UDP Query User{70E30D40-95FC-4FE3-9DF4-1897019366B1}C:\program files (x86)\heroes of might and magic v sběratelská edice\bin\h5_game.exe] => (Block) C:\program files (x86)\heroes of might and magic v sběratelská edice\bin\h5_game.exe
FirewallRules: [{78F9B7AC-8404-48B8-819A-16E87705B5BF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{36FFD3EF-3F90-4992-9356-A55B835EF41B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{69840822-986C-42AE-9846-03564CDADB5C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B5604CFA-3997-4141-AB30-691702B2D6BF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{282C9887-FF61-4093-BFB2-82C9F7D9F9E3}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{461FC809-6BA2-4B77-8FFD-F59119D81694}C:\program files (x86)\total war warhammer\warhammer.exe] => (Allow) C:\program files (x86)\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{BE5A3731-F02F-4830-B63A-7A9952A3225C}C:\program files (x86)\total war warhammer\warhammer.exe] => (Allow) C:\program files (x86)\total war warhammer\warhammer.exe
FirewallRules: [TCP Query User{7763D83A-D588-47AF-AE26-BD32F4A15897}C:\program files (x86)\total war warhammer\warhammer.exe] => (Allow) C:\program files (x86)\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{D51CCD78-5058-40ED-BFF9-213513EEA30E}C:\program files (x86)\total war warhammer\warhammer.exe] => (Allow) C:\program files (x86)\total war warhammer\warhammer.exe
FirewallRules: [TCP Query User{7D2860B9-7C90-4C96-B4FC-E72C78B8B7C3}C:\users\patrik\documents\warcraft iii 1.2.7\war3.exe] => (Block) C:\users\patrik\documents\warcraft iii 1.2.7\war3.exe
FirewallRules: [UDP Query User{9FD3CDAB-B019-4B61-911C-200A6FB8D16B}C:\users\patrik\documents\warcraft iii 1.2.7\war3.exe] => (Block) C:\users\patrik\documents\warcraft iii 1.2.7\war3.exe
FirewallRules: [TCP Query User{B4CB5548-679C-4ACA-A1FC-868316B3050E}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{FFDD4621-E715-43A2-8609-6F36A0CB682F}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{B4ECE87E-5DA9-4F98-BCE6-8BF3C7517FE7}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{E52A4659-B703-4EAF-8CD9-509B16B65794}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{40BEAADE-EEFF-4C35-A67F-ECA56B297F9A}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{3B599438-B4A7-41B2-A25C-6213E0DB64FD}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{FF9B8A5F-D483-4DEA-9EE8-B3CF12B770B1}] => (Allow) C:\Program Files (x86)\Opera\50.0.2762.58\opera.exe
FirewallRules: [{B2937AE0-0AAC-4FE7-A222-A9681C1C1FCB}] => (Allow) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe
FirewallRules: [{34AEF34A-E698-4A3A-A97F-6D4550A2B13E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

25-01-2018 20:23:40 Naplánovaný kontrolní bod
10-02-2018 22:52:18 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/13/2018 08:58:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: sznpp_64.exe, verze: 2.1.30.0, časové razítko: 0x5a4cfc95
Název chybujícího modulu: sznpp_64.exe, verze: 2.1.30.0, časové razítko: 0x5a4cfc95
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000019051
ID chybujícího procesu: 0x448
Čas spuštění chybující aplikace: 0x01d3a504f79f2f32
Cesta k chybující aplikaci: C:\Users\Patrik\AppData\Roaming\Seznam.cz\bin\sznpp_64.exe
Cesta k chybujícímu modulu: C:\Users\Patrik\AppData\Roaming\Seznam.cz\bin\sznpp_64.exe
ID zprávy: b2d251dc-7730-4e8c-83fb-e511f214457a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/10/2018 08:57:02 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 33274 ms

DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\WIPolicyActiveRelationshipTableChanged.cpp @ line 52
Executing Function: WIPolicyActiveRelationshipTableChanged::execute
Message: Unhandled exception caught during execution of work item
Framework Event: PolicyActiveRelationshipTableChanged [44]
Policy: Active Policy [0]
Exception Function: Policy::executePolicyActiveRelationshipTableChanged
Exception Text:

DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function: EsifServices::primitiveExecuteGet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]

Error: (02/10/2018 08:57:02 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 33200 ms

DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\WIPolicyActiveRelationshipTableChanged.cpp @ line 52
Executing Function: WIPolicyActiveRelationshipTableChanged::execute
Message: Unhandled exception caught during execution of work item
Framework Event: PolicyActiveRelationshipTableChanged [44]
Policy: Active Policy [0]
Exception Function: Policy::executePolicyActiveRelationshipTableChanged
Exception Text:

DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function: EsifServices::primitiveExecuteGet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]

Error: (01/31/2018 06:41:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.16299.15, časové razítko: 0xbf7b6630
Kód výjimky: 0xc000041d
Posun chyby: 0x00005b36
ID chybujícího procesu: 0x408
Čas spuštění chybující aplikace: 0x01d39ab434665606
Cesta k chybující aplikaci: C:\Users\Patrik\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 72feccc6-6ec7-42d9-9c3a-e10d5d2d65f1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/30/2018 07:17:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.16299.15, časové razítko: 0xbf7b6630
Kód výjimky: 0xc000041d
Posun chyby: 0x00005b36
ID chybujícího procesu: 0x380
Čas spuštění chybující aplikace: 0x01d399f53699cfcf
Cesta k chybující aplikaci: C:\Users\Patrik\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 71fd791f-6659-4e6f-9de6-e83e7a84b7ec
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/28/2018 09:10:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.16299.15, časové razítko: 0xbf7b6630
Kód výjimky: 0xc000041d
Posun chyby: 0x00005b36
ID chybujícího procesu: 0x1a94
Čas spuštění chybující aplikace: 0x01d398734ec2d826
Cesta k chybující aplikaci: C:\Users\Patrik\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 043d1e2a-d22d-491d-a2b0-6b7fda2aac67
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/20/2018 12:29:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.16299.15, časové razítko: 0xbf7b6630
Kód výjimky: 0xc000041d
Posun chyby: 0x00005b36
ID chybujícího procesu: 0x1b20
Čas spuštění chybující aplikace: 0x01d391691ee07026
Cesta k chybující aplikaci: C:\Users\Patrik\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 61b08a49-29b0-4b78-953c-dc40fdf0c249
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/11/2018 10:43:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.16299.15, časové razítko: 0xbf7b6630
Kód výjimky: 0xc000041d
Posun chyby: 0x00005b36
ID chybujícího procesu: 0x1278
Čas spuštění chybující aplikace: 0x01d38b19bee2e76c
Cesta k chybující aplikaci: C:\Users\Patrik\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 7ffcf737-0c13-4db7-8635-a77d1fcb3741
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (02/13/2018 09:29:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/13/2018 09:15:00 PM) (Source: DCOM) (EventID: 10016) (User: KEBIQ)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli KEBIQ\Patrik (SID: S-1-5-21-2257346106-4197404688-2382006227-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/13/2018 09:14:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/13/2018 09:14:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/13/2018 09:14:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/13/2018 09:14:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/13/2018 09:14:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/13/2018 09:14:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2017-12-31 17:22:04.461
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4FD78C49-3182-407B-A608-A0BF3526340E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2017-12-15 11:25:26.064
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {35958937-BE49-42C8-AC9A-9102DB0364AC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: KEBIQ\Patrik

Date: 2017-12-09 16:08:45.332
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {7968826A-AADE-49EA-B74A-D914E2DE0B94}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: KEBIQ\Patrik

Date: 2018-02-10 08:45:00.471
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.261.629.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14500.5
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2018-02-10 08:45:00.470
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 118.2.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Systém kontroly sítě
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 2.1.14202.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2018-02-10 08:45:00.461
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.261.629.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14500.5
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2018-02-10 08:45:00.461
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.261.629.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14500.5
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2018-02-10 08:45:00.461
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.261.629.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14500.5
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-6300HQ CPU @ 2.30GHz
Percentage of memory in use: 41%
Total physical RAM: 8065.26 MB
Available physical RAM: 4697.96 MB
Total Virtual: 9345.26 MB
Available Virtual: 5995.71 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:918.72 GB) (Free:28.59 GB) NTFS

\\?\Volume{25831e30-30e5-468c-b96f-512610550bb7}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32
\\?\Volume{f5e234fc-c108-49bd-9589-6db889314d3b}\ () (Fixed) (Total:0.84 GB) (Free:0.46 GB) NTFS
\\?\Volume{5c48bb87-71eb-4506-bacd-e7ceac9870a9}\ (Image) (Fixed) (Total:11.34 GB) (Free:0.65 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: AC529743)

Partition: GPT.

==================== End of Addition.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Zapráskaný notebook

#6 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    File: C:\Users\Patrik\AppData\Local\MSGBOX.EXE
    File: C:\Users\Patrik\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
    
    HKU\S-1-5-21-2257346106-4197404688-2382006227-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
    HKU\S-1-5-21-2257346106-4197404688-2382006227-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
    SearchScopes: HKU\S-1-5-21-2257346106-4197404688-2382006227-1001 -> DefaultScope {514B86D4-6BD8-44DA-B96D-C55E6434F7BD} URL = 
    SearchScopes: HKU\S-1-5-21-2257346106-4197404688-2382006227-1001 -> {09AC9B2E-643C-4C40-A3B7-FE4FE15F23C5} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
    SearchScopes: HKU\S-1-5-21-2257346106-4197404688-2382006227-1001 -> {514B86D4-6BD8-44DA-B96D-C55E6434F7BD} URL = 
    CHR NewTab: Default ->  Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
    CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=C214CZ105D20161013&p={searchTerms}
    CHR DefaultSearchKeyword: Default -> mcafee
    CHR Extension: (Seznam pro Chrome - Esko) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-01-14]
    2018-02-13 20:58 - 2017-01-02 21:20 - 000000000 ____D C:\Program Files (x86)\Seznam.cz
    2018-02-13 20:58 - 2017-01-02 21:19 - 000000000 ____D C:\Users\Patrik\AppData\Roaming\Seznam.cz
    
    ContextMenuHandlers1: [PDFConv] -> {919CF7F5-9A8E-40B9-9588-2BECA5927D98} =>  -> No File
    ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
    Task: {3228A2C6-042C-4262-90B7-630A4838E503} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    AlternateDataStreams: C:\Users\Public\AppData:CSM [119]
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

KebiQ
Návštěvník
Návštěvník
Příspěvky: 69
Registrován: 18 lis 2011 22:59

Re: Zapráskaný notebook

#7 Příspěvek od KebiQ »

Fix result of Farbar Recovery Scan Tool (x64) Version: 12.02.2018
Ran by Patrik (13-02-2018 22:16:29) Run:1
Running from C:\Users\Patrik\Desktop
Loaded Profiles: Patrik (Available Profiles: Patrik)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

File: C:\Users\Patrik\AppData\Local\MSGBOX.EXE
File: C:\Users\Patrik\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

HKU\S-1-5-21-2257346106-4197404688-2382006227-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-2257346106-4197404688-2382006227-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-2257346106-4197404688-2382006227-1001 -> DefaultScope {514B86D4-6BD8-44DA-B96D-C55E6434F7BD} URL =
SearchScopes: HKU\S-1-5-21-2257346106-4197404688-2382006227-1001 -> {09AC9B2E-643C-4C40-A3B7-FE4FE15F23C5} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2257346106-4197404688-2382006227-1001 -> {514B86D4-6BD8-44DA-B96D-C55E6434F7BD} URL =
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=C214CZ105D20161013&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Extension: (Seznam pro Chrome - Esko) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-01-14]
2018-02-13 20:58 - 2017-01-02 21:20 - 000000000 ____D C:\Program Files (x86)\Seznam.cz
2018-02-13 20:58 - 2017-01-02 21:19 - 000000000 ____D C:\Users\Patrik\AppData\Roaming\Seznam.cz

ContextMenuHandlers1: [PDFConv] -> {919CF7F5-9A8E-40B9-9588-2BECA5927D98} => -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {3228A2C6-042C-4262-90B7-630A4838E503} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
AlternateDataStreams: C:\Users\Public\AppData:CSM [119]

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= File: C:\Users\Patrik\AppData\Local\MSGBOX.EXE ========================

C:\Users\Patrik\AppData\Local\MSGBOX.EXE
File not signed
MD5: DD091A1C8075F061811515A1B13A5E07
Creation and modification date: 2017-01-03 13:15 - 2017-01-03 13:15
Size: 000029696
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/beaa1c2 ... 515011286/

====== End of File: ======


========================= File: C:\Users\Patrik\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe ========================

C:\Users\Patrik\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
File not signed
MD5: 091235F94956B7824F2FDC73E0288BB1
Creation and modification date: 2018-02-13 20:58 - 2018-02-13 20:58
Size: 000534528
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/d01dcaf ... 514732967/

====== End of File: ======

HKU\S-1-5-21-2257346106-4197404688-2382006227-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-2257346106-4197404688-2382006227-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKU\S-1-5-21-2257346106-4197404688-2382006227-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-2257346106-4197404688-2382006227-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{09AC9B2E-643C-4C40-A3B7-FE4FE15F23C5}" => removed successfully
HKLM\Software\Classes\CLSID\{09AC9B2E-643C-4C40-A3B7-FE4FE15F23C5} => key not found
"HKU\S-1-5-21-2257346106-4197404688-2382006227-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{514B86D4-6BD8-44DA-B96D-C55E6434F7BD}" => removed successfully
HKLM\Software\Classes\CLSID\{514B86D4-6BD8-44DA-B96D-C55E6434F7BD} => key not found
"Chrome NewTab" => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
CHR Extension: (Seznam pro Chrome - Esko) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-01-14] => Error: No automatic fix found for this entry.
C:\Program Files (x86)\Seznam.cz => moved successfully
C:\Users\Patrik\AppData\Roaming\Seznam.cz => moved successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PDFConv" => removed successfully
HKLM\Software\Classes\CLSID\{919CF7F5-9A8E-40B9-9588-2BECA5927D98} => key not found
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avast" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3228A2C6-042C-4262-90B7-630A4838E503} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3228A2C6-042C-4262-90B7-630A4838E503} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove key. ErrorCode1: 0x00000001
C:\Users\Public\AppData => ":CSM" ADS removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 35870660 B
Java, Flash, Steam htmlcache => 138746 B
Windows/system/drivers => 1188480 B
Edge => 0 B
Chrome => 279851690 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 71908 B
Patrik => 44289742 B

RecycleBin => 0 B
EmptyTemp: => 352.2 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 13-02-2018 22:23:35)


Result of scheduled keys to remove after reboot:

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3228A2C6-042C-4262-90B7-630A4838E503}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3228A2C6-042C-4262-90B7-630A4838E503}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => key removed successfully

==== End of Fixlog 22:23:35 ====

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Zapráskaný notebook

#8 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    C:\Users\Patrik\AppData\Local\MSGBOX.EXE
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Pockaj na dokoncenie
  • Tentokrat to bude bez restartu, otvori sa Fixlog.txt (pripadne bude na ploche), jeho obsah sem skopiruj
:arrow: Ako to vyzera s PC, nastala nejaka zmena, pripadne su este nejake problemy?
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

KebiQ
Návštěvník
Návštěvník
Příspěvky: 69
Registrován: 18 lis 2011 22:59

Re: Zapráskaný notebook

#9 Příspěvek od KebiQ »

Fix result of Farbar Recovery Scan Tool (x64) Version: 12.02.2018
Ran by Patrik (13-02-2018 22:39:29) Run:2
Running from C:\Users\Patrik\Desktop
Loaded Profiles: Patrik (Available Profiles: Patrik)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
C:\Users\Patrik\AppData\Local\MSGBOX.EXE
End
*****************

C:\Users\Patrik\AppData\Local\MSGBOX.EXE => moved successfully

==== End of Fixlog 22:39:31 ====
Pocitově se zdá plynulejší chod PC, vypadá, že OK.

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Zapráskaný notebook

#10 Příspěvek od Conder »

:arrow: V Chrome este ostal Seznam doplnok, ak to nepotrebujes, odporucam tiez odinstalovat.

:arrow: Skontroluj, velkost plochy (C:\Users\Patrik\Desktop). Ak je vacsia ako 300 MB, presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.

:arrow: Este upraceme po pouzitych nastrojoch:
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

KebiQ
Návštěvník
Návštěvník
Příspěvky: 69
Registrován: 18 lis 2011 22:59

Re: Zapráskaný notebook

#11 Příspěvek od KebiQ »

velikost plochy byla přes 6GB,ani nevím proč, naházel jsem to do dokumentů

# DelFix v1.013 - Logfile created 14/02/2018 at 18:15:56
# Updated 17/04/2016 by Xplode
# Username : Patrik - KEBIQ
# Operating System : Windows 10 Home (64 bits)

~ Removing disinfection tools ...

Deleted : C:\RSIT
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Patrik\Desktop\FRST-OlderVersion
Deleted : C:\Users\Patrik\Desktop\adwcleaner_7.0.8.0.exe
Deleted : C:\Users\Patrik\Desktop\Fixlog.txt
Deleted : C:\Users\Patrik\Desktop\FRST64.exe
Deleted : C:\Users\Patrik\Downloads\Addition.txt
Deleted : C:\Users\Patrik\Downloads\FRST.txt
Deleted : C:\Users\Patrik\Downloads\FRST64.exe
Deleted : C:\Users\Patrik\Downloads\RSITx64.exe
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

########## - EOF - ##########

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Zapráskaný notebook

#12 Příspěvek od Conder »

:arrow: Logy uz vyzeraju OK.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

KebiQ
Návštěvník
Návštěvník
Příspěvky: 69
Registrován: 18 lis 2011 22:59

Re: Zapráskaný notebook

#13 Příspěvek od KebiQ »

Děkuji za ochotu a věnovaný čas :)

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Zapráskaný notebook

#14 Příspěvek od Conder »

Nie je zaco, rad som pomohol :)
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Zamčeno