Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Simicek
Návštěvník
Návštěvník
Příspěvky: 173
Registrován: 23 črc 2008 19:09

Prosím o kontrolu

#1 Příspěvek od Simicek »

Dobrý den, poprosil bych o kontrolu. Děkuji

Logfile of random's system information tool 1.10 (written by random/random)
Run by David Hynek at 2018-07-13 11:19:55
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 86 GB (28%) free of 307 GB
Total RAM: 6048 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:19:59, on 13.7.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18838)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\TradeSkillMaster Application\app\TSMApplication.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\David Hynek\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\System Explorer\SystemExplorer.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Miranda IM\miranda32.exe
C:\Users\David Hynek\AppData\Local\Discord\app-0.0.301\Discord.exe
C:\Users\David Hynek\AppData\Local\Discord\app-0.0.301\Discord.exe
C:\Users\David Hynek\AppData\Roaming\Curse Client\Bin\Electron\TwitchUI.exe
C:\Program Files\trend micro\David Hynek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [SystemExplorerAutoStart] "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [TSMApplication] "C:\TradeSkillMaster Application\app\TSMApplication.exe"
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\David Hynek\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = D:\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.download.microsoft.com
O15 - Trusted Zone: http://*.update.microsoft.com
O15 - Trusted Zone: http://*.windowsupdate.com
O15 - Trusted Zone: http://*.windowsupdate.microsoft.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11804 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
WLIDSvcM.exe 2180
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -c
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe"
"C:\X-Mouse Button Control\XMouseButtonControl.exe" /notportable
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe"
"C:\TradeSkillMaster Application\app\TSMApplication.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe"
AvastUI.exe /nogui
"C:\Users\David Hynek\AppData\Roaming\Spotify\SpotifyWebHelper.exe" --autostart
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe"
"C:\Miranda IM\miranda32.exe"
"C:\Users\David Hynek\AppData\Local\Discord\app-0.0.301\Discord.exe"
"C:\Users\David Hynek\AppData\Local\Discord\app-0.0.301\Discord.exe" --type=renderer --no-sandbox --primordial-pipe-token=768E644187CF2E8A556C229A9D9FFEC0 --lang=cs --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\David Hynek\AppData\Local\Discord\app-0.0.301\resources\app.asar" --node-integration=false --preload="C:\Users\David Hynek\AppData\Roaming\discord\0.0.301\modules\discord_desktop_core\core.asar\app\mainScreenPreload.js" --background-color=#2f3136 --enable-blink-features=EnumerateDevices,AudioOutputDevices --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --service-request-channel-token=768E644187CF2E8A556C229A9D9FFEC0 --renderer-client-id=5 --mojo-platform-channel-handle=1692 /prefetch:1
"C:\Users\David Hynek\AppData\Roaming\Curse Client\Bin\Electron\TwitchUI.exe" --reporter-url=http://127.0.0.1:57910/ --application-name=Twitch "--crashes-directory=C:\Users\DAVIDH~1\AppData\Local\Temp\Twitch Crashes" --v=1

taskeng.exe {730362E0-06B4-4F22-965A-E9D80687738F}
C:\Windows\system32\msiexec.exe /V
"C:\CCleaner\CCleaner64.exe" /monitor
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=67.0.3396.99 --initial-client-data=0x88,0x8c,0x90,0x84,0x94,0x7feee883228,0x7feee883238,0x7feee883248
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=7536 --on-initialized-event-handle=376 --parent-handle=380 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1308,8570449683510225000,13219326508218247115,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --use-gl=swiftshader-webgl --service-request-channel-token=27DEBA72018FB3FFAA30ADB8024F90B4 --mojo-platform-channel-handle=1324 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1308,8570449683510225000,13219326508218247115,131072 --service-pipe-token=A7B75D00257E9A4C1BC7E2F63C8310FE --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=A7B75D00257E9A4C1BC7E2F63C8310FE --renderer-client-id=3 --mojo-platform-channel-handle=2500 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1308,8570449683510225000,13219326508218247115,131072 --service-pipe-token=18A3516CF4E7A2B264E7419E03B5235D --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=18A3516CF4E7A2B264E7419E03B5235D --renderer-client-id=4 --mojo-platform-channel-handle=2660 /prefetch:1
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1308,8570449683510225000,13219326508218247115,131072 --disable-gpu-compositing --service-pipe-token=BB2AD458147D9B99525F224EF6A64CD3 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=BB2AD458147D9B99525F224EF6A64CD3 --renderer-client-id=9 --mojo-platform-channel-handle=4596 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1308,8570449683510225000,13219326508218247115,131072 --disable-gpu-compositing --service-pipe-token=36B84A25C1C51E28A8AD219E8276EF32 --lang=cs --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=36B84A25C1C51E28A8AD219E8276EF32 --renderer-client-id=13 --mojo-platform-channel-handle=2240 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1308,8570449683510225000,13219326508218247115,131072 --disable-gpu-compositing --service-pipe-token=89D41AF126479E9DFFB4B556A0FB19A7 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=89D41AF126479E9DFFB4B556A0FB19A7 --renderer-client-id=15 --mojo-platform-channel-handle=5028 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1308,8570449683510225000,13219326508218247115,131072 --disable-gpu-compositing --service-pipe-token=E3E96959E7A2409FF545EC0168358259 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=E3E96959E7A2409FF545EC0168358259 --renderer-client-id=17 --mojo-platform-channel-handle=4820 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1308,8570449683510225000,13219326508218247115,131072 --disable-gpu-compositing --service-pipe-token=CE9DE508E9D29F7F63ADF8CB90950FBB --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=CE9DE508E9D29F7F63ADF8CB90950FBB --renderer-client-id=18 --mojo-platform-channel-handle=2920 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1308,8570449683510225000,13219326508218247115,131072 --disable-gpu-compositing --service-pipe-token=4FBA5D935441A71B7FA56230E989A517 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4FBA5D935441A71B7FA56230E989A517 --renderer-client-id=22 --mojo-platform-channel-handle=5328 /prefetch:1
"C:\Users\David Hynek\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

=========Mozilla firefox=========

ProfilePath - C:\Users\David Hynek\AppData\Roaming\Mozilla\Firefox\Profiles\3x5rgwnq.default-1458296225216

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 29.0.0.140 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_140.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ZEON/PDF,version=2.0]
"Description"=
"Path"=C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 29.0.0.140 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_140.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-03-18 938712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-03-18 812248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-01-11 1483264]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2011-03-21 361984]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-05-05 2785064]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2011-05-05 97064]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-03-13 617120]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-03-13 379552]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-10-18 10357008]
"XMouseButtonControl"=C:\X-Mouse Button Control\XMouseButtonControl.exe [2016-05-22 1161240]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2015-06-01 183216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2015-06-01 411056]
"Persistence"=C:\Windows\system32\igfxpers.exe [2015-06-01 453552]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2017-01-11 16781824]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2017-09-19 1923008]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-05-05 242392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\CCleaner\CCleaner64.exe [2018-06-24 18385368]
"TSMApplication"=C:\TradeSkillMaster Application\app\TSMApplication.exe [2017-11-30 1623040]
"Spotify Web Helper"=C:\Users\David Hynek\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018-04-04 782736]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"=C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [2008-11-03 328992]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2011-10-20 3331312]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-07-22 5716608]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-08 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2011-09-13 2317312]
"SystemExplorerAutoStart"=C:\Program Files (x86)\System Explorer\SystemExplorer.exe [2015-08-19 3389160]
"ASUS Screen Saver Protector"=C:\Windows\AsScrPro.exe [2012-02-10 3058304]
"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2010-08-20 107816]
"GrooveMonitor"=D:\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

C:\Users\David Hynek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - D:\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll, C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2015-06-01 451584]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"midi1"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll
"VIDC.FPS1"=frapsv64.dll
"msacm.l3codecp"=l3codecp.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2431-09-15 20:37:49 ----A---- C:\Windows\system32\drivers\Smb_driver_Intel.sys
2431-09-15 20:37:49 ----A---- C:\Windows\system32\drivers\HECIx64.sys

======List of files/folders modified in the last 1 month======

2018-07-13 11:19:59 ----D---- C:\Windows\Prefetch
2018-07-13 11:19:57 ----D---- C:\Program Files\trend micro
2018-07-13 11:19:54 ----D---- C:\Windows\temp
2018-07-13 11:17:55 ----D---- C:\Users\David Hynek\AppData\Roaming\uTorrent
2018-07-13 11:17:11 ----D---- C:\Windows\inf
2018-07-13 11:17:10 ----D---- C:\Windows\Minidump
2018-07-13 11:17:10 ----D---- C:\Windows
2018-07-13 11:15:29 ----D---- C:\Windows\system32\Tasks
2018-07-13 11:15:24 ----SHD---- C:\Windows\Installer
2018-07-13 10:51:20 ----D---- C:\Users\David Hynek\AppData\Roaming\Curse Client
2018-07-13 10:12:45 ----D---- C:\Windows\system32\config
2018-07-13 10:05:45 ----D---- C:\Windows\System32
2018-07-13 10:05:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-07-13 09:58:59 ----D---- C:\ProgramData\NVIDIA
2018-07-12 19:02:40 ----D---- C:\Windows\system32\NDF
2018-07-12 12:05:44 ----D---- C:\Config.Msi
2018-07-12 12:03:22 ----D---- C:\Windows\SysWOW64
2018-07-11 12:56:03 ----SHD---- C:\System Volume Information
2018-07-08 18:49:31 ----D---- C:\Program Files (x86)\World of Warcraft Beta
2018-07-07 14:26:30 ----D---- C:\Users\David Hynek\AppData\Roaming\vlc
2018-06-19 17:12:14 ----D---- C:\Users\David Hynek\AppData\Roaming\TS3Client
2018-06-19 17:07:23 ----D---- C:\TeamSpeak 3 Client
2018-06-14 12:38:53 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2018-03-18 199440]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2018-03-18 343752]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2018-03-18 57680]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-05-05 84368]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-05-05 380528]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 557848]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2018-03-25 48032]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-05-05 196640]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2018-03-18 227504]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-05-05 227784]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-05-05 111352]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-05-05 1026696]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-05-12 460520]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 nvkflt;nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [2018-03-25 315808]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-05-05 147224]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-05-05 205976]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-04-17 13832]
R3 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2011-09-20 16768]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-10-04 129512]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-10-04 394728]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2016-01-29 4171512]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-06-01 5384176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2017-01-11 5545472]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2013-07-16 129224]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-10-10 100312]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2017-09-19 48064]
R3 nvvhci;NVVHCI Enumerator Service; C:\Windows\system32\DRIVERS\nvvhci.sys [2018-03-24 58816]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2431-09-15 32496]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-05-05 1439792]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-05-05 46968]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-10-19 80384]
S3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2011-08-29 53760]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2017-06-08 47672]
S3 EasyAntiCheatSys;EasyAntiCheatSys; \??\C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys [2018-06-10 842952]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2011-05-14 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2017-01-25 221632]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-09-19 30144]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 semav6msr64;semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [2016-10-18 21984]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 t_mouse.sys;HID-compliand device; C:\Windows\system32\DRIVERS\t_mouse.sys [2012-12-19 6144]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-05-16 141600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-03-21 83984]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-05-05 313640]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2017-04-17 9728]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-19 512960]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-03-24 464272]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-09-19 449984]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-10-17 76888]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-05-05 7603408]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2014-12-20 820960]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05 164984]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-01 107848]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-05 272384]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05 164984]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-11-15 6971400]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-06-01 290224]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2018-06-10 780928]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-14 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-01 107848]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-10-14 116224]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-02-28 194512]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-19 512960]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-05-14 207040]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2018-06-09 1673504]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-29 1255736]
S4 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S4 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]
S4 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
S4 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
S4 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
S4 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
S4 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
S4 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-06 325656]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-04-17 247152]
S4 TurboBoost;Intel(R) Turbo Boost Technology Monitor; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-04-17 134928]
S4 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]

-----------------EOF-----------------

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Simicek
Návštěvník
Návštěvník
Příspěvky: 173
Registrován: 23 črc 2008 19:09

Re: Prosím o kontrolu

#3 Příspěvek od Simicek »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.1.1
# -------------------------------
# Build: 07-04-2018
# Database: 2018-07-04.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-13-2018
# Duration: 00:00:17
# OS: Windows 7 Home Premium
# Cleaned: 4
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CAE9BEC8-4723-4347-AFC6-25EE3326BA5B}
Deleted HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\SpyHunter4.exe

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1620 octets] - [13/07/2018 21:42:48]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu

#4 Příspěvek od Conder »

:arrow: Poprosim o obidva logy z FRST podla tohto navodu (FRST.txt a Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

:arrow: V pripade, ze sa FRSTLauncher nebude dat stiahnut alebo spustit, pouzi iba samotny FRST.

:arrow: Ak sa logy nezmestia do jedneho prispevku, zabal ich do archivu RAR alebo ZIP a posli ako prilohu.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Simicek
Návštěvník
Návštěvník
Příspěvky: 173
Registrován: 23 črc 2008 19:09

Re: Prosím o kontrolu

#5 Příspěvek od Simicek »

Stažení FRSTLauncheru mi nešel stáhnout


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
Ran by David Hynek (administrator) on DAVIDHYNEK-PC (14-07-2018 13:25:05)
Running from C:\Users\David Hynek\Desktop
Loaded Profiles: David Hynek (Available Profiles: David Hynek)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Highresolution Enterprises) C:\X-Mouse Button Control\XMouseButtonControl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
() C:\TradeSkillMaster Application\app\TSMApplication.exe
(Spotify Ltd) C:\Users\David Hynek\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Piriform Ltd) C:\CCleaner\CCleaner64.exe
(Miranda IM) C:\Miranda IM\miranda32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Discord Inc.) C:\Users\David Hynek\AppData\Local\Discord\app-0.0.301\Discord.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Discord Inc.) C:\Users\David Hynek\AppData\Local\Discord\app-0.0.301\Discord.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2017-01-11] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2785064 2011-05-05] (Synaptics Incorporated)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [97064 2011-05-05] (Synaptics Incorporated)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [XMouseButtonControl] => C:\X-Mouse Button Control\XMouseButtonControl.exe [1161240 2016-05-22] (Highresolution Enterprises)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-01-11] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-05-05] (AVAST Software)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2011-10-20] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5716608 2011-07-22] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-08] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2317312 2011-09-13] (ASUS)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
HKLM-x32\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3058304 2012-02-10] (ASUS)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-20] (CyberLink)
HKLM-x32\...\Run: [GrooveMonitor] => D:\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\Run: [CCleaner Monitoring] => C:\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd)
HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\Run: [TSMApplication] => C:\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2017-11-30] ()
HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\Run: [Spotify Web Helper] => C:\Users\David Hynek\AppData\Roaming\Spotify\SpotifyWebHelper.exe [782736 2018-04-04] (Spotify Ltd)
HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_Plugin.exe [1366528 2018-05-05] (Adobe Systems Incorporated)
HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [182784 2018-03-25] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [182784 2018-03-25] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [159704 2018-03-25] (NVIDIA Corporation)
Startup: C:\Users\David Hynek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2017-04-14]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> D:\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{908ACA01-31CF-4D49-BB3D-8A3BBA58C4E0}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{93BF77B4-A81A-4806-BBBE-08161FD849D2}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{E3A2F647-5D3A-4006-B51D-6E686C850E44}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-03-18] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-03-18] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

FireFox:
========
FF ProfilePath: C:\Users\David Hynek\AppData\Roaming\Mozilla\Firefox\Profiles\3x5rgwnq.default-1458296225216 [2018-07-14]
FF Extension: (Avast SafePrice) - C:\Users\David Hynek\AppData\Roaming\Mozilla\Firefox\Profiles\3x5rgwnq.default-1458296225216\Extensions\sp@avast.com.xpi [2018-02-28]
FF Extension: (Avast Online Security) - C:\Users\David Hynek\AppData\Roaming\Mozilla\Firefox\Profiles\3x5rgwnq.default-1458296225216\Extensions\wrc@avast.com.xpi [2017-11-30]
FF Extension: (Adblock Plus) - C:\Users\David Hynek\AppData\Roaming\Mozilla\Firefox\Profiles\3x5rgwnq.default-1458296225216\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_140.dll [2018-05-05] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_140.dll [2018-05-05] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-1206595139-1558415813-2062055028-1001: @coreonline.com/run3d,version=1.0 -> C:\Users\David Hynek\AppData\LocalLow\Square Enix\nprun3d.dll [2012-09-14] (Square Enix)
FF Plugin HKU\S-1-5-21-1206595139-1558415813-2062055028-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\David Hynek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-04-27] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR DefaultSearchURL: Default -> hxxps://www.twitch.tv/favicon.ico
CHR Profile: C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data\Default [2018-07-14]
CHR Extension: (BetterTTV) - C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-11-29]
CHR Extension: (YouTube) - C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (Adblock Plus) - C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-05-17]
CHR Extension: (Vyhledávání Google) - C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-30]
CHR Extension: (Adobe Acrobat) - C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-03]
CHR Extension: (The West) - C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilkgeioneoemibpddeiamfgiofnpjifm [2016-05-31]
CHR Extension: (Všechny hry - Twitch) - C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcbbonmofdkklhmaapkllflmpoccpiad [2016-03-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-15]
CHR Profile: C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data\System Profile [2018-07-13]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7603408 2018-05-05] (AVAST Software)
S4 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) [File not signed]
S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [313640 2018-05-05] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-11-15] ()
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-06-10] (EasyAntiCheat Ltd)
U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-04-17] (Hi-Rez Studios) [File not signed]
S3 Microsoft Office Groove Audit Service; D:\Microsoft Office\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-10-17] ()
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [16768 2011-09-20] (ASUSTek Computer Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196640 2018-05-05] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [227504 2018-03-18] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199440 2018-03-18] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343752 2018-03-18] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57680 2018-03-18] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [227784 2018-05-05] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-05-05] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [147224 2018-05-05] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111352 2018-05-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84368 2018-05-05] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026696 2018-05-05] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460520 2018-05-12] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [205976 2018-05-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380528 2018-05-05] (AVAST Software)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-06-08] (Disc Soft Ltd)
S3 EasyAntiCheatSys; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys [842952 2018-06-10] (EasyAntiCheat Oy)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-16] (Qualcomm Atheros Co., Ltd.)
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-10-10] (Intel Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [315808 2018-03-25] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-09-19] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48064 2017-09-19] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [58816 2018-03-24] (NVIDIA Corporation)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32496 2431-09-15] (Synaptics Incorporated)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-17] ()
S3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2099-09-15 20:37 - 2431-09-15 20:37 - 000064624 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2099-09-15 20:37 - 2431-09-15 20:37 - 000032496 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2018-07-14 13:25 - 2018-07-14 13:26 - 000024386 _____ C:\Users\David Hynek\Desktop\FRST.txt
2018-07-14 13:24 - 2018-07-14 13:25 - 000000000 ____D C:\FRST
2018-07-14 13:22 - 2018-07-14 13:22 - 002412544 _____ (Farbar) C:\Users\David Hynek\Desktop\FRST64.exe
2018-07-13 21:40 - 2018-07-13 21:40 - 007402192 _____ (Malwarebytes) C:\Users\David Hynek\Desktop\adwcleaner_7.2.1.exe
2018-07-13 20:25 - 2018-07-13 20:25 - 000029006 _____ C:\Users\David Hynek\Downloads\Megalo Box - 13 preklad.ass
2018-07-13 20:25 - 2018-07-13 20:25 - 000028921 _____ C:\Users\David Hynek\Downloads\Megalo Box - 10 preklad.ass
2018-07-13 20:25 - 2018-07-13 20:25 - 000026564 _____ C:\Users\David Hynek\Downloads\Megalo Box - 09 preklad.ass
2018-07-13 20:25 - 2018-07-13 20:25 - 000026551 _____ C:\Users\David Hynek\Downloads\Megalo Box - 11 preklad.ass
2018-07-13 20:25 - 2018-07-13 20:25 - 000026077 _____ C:\Users\David Hynek\Downloads\Megalo Box - 12 preklad.ass
2018-07-13 18:46 - 2018-07-13 18:46 - 000033503 _____ C:\Users\David Hynek\Downloads\Megalo Box - 08 preklad.ass
2018-07-13 17:09 - 2018-07-13 17:09 - 003512121 _____ C:\Users\David Hynek\Downloads\elvui-10.74.zip
2018-07-13 11:19 - 2018-07-13 11:19 - 001222144 _____ C:\Users\David Hynek\Downloads\RSITx64.exe
2018-07-13 11:18 - 2018-07-13 11:18 - 000064120 _____ C:\Users\David Hynek\Documents\cc_20180713_111834.reg
2018-07-13 11:14 - 2018-07-13 11:14 - 015989160 _____ (Piriform Ltd) C:\Users\David Hynek\Downloads\ccsetup544.exe
2018-06-21 16:00 - 2018-06-28 18:56 - 000001092 _____ C:\Users\David Hynek\Desktop\World of Warcraft Beta.lnk
2018-06-15 13:22 - 2018-07-11 23:13 - 000000504 _____ C:\Users\David Hynek\Desktop\TODO.txt
2018-06-14 22:34 - 2018-06-14 21:05 - 044501992 _____ (Blizzard Entertainment) C:\Users\David Hynek\Desktop\WowT.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-14 13:17 - 2012-09-26 18:22 - 000000000 ____D C:\Users\David Hynek\Documents\Bluetooth Folder
2018-07-14 13:14 - 2012-09-29 00:43 - 000000000 ____D C:\ProgramData\NVIDIA
2018-07-14 13:13 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-07-14 01:40 - 2009-07-14 06:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-07-14 01:40 - 2009-07-14 06:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-07-14 01:34 - 2018-05-05 15:49 - 000004550 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-14 01:34 - 2017-11-30 12:52 - 000003842 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-07-14 01:34 - 2017-07-01 16:36 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-07-14 01:34 - 2017-07-01 16:36 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-07-14 01:34 - 2015-05-03 11:44 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-07-14 01:34 - 2014-12-27 11:10 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-07-14 01:34 - 2013-06-19 19:57 - 000002756 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-07-13 21:42 - 2017-04-22 18:13 - 000000000 ____D C:\AdwCleaner
2018-07-13 21:41 - 2018-01-19 19:46 - 000001740 _____ C:\Users\David Hynek\Desktop\Serials.txt
2018-07-13 21:34 - 2013-08-17 01:27 - 000000000 ____D C:\Users\David Hynek\AppData\Local\Battle.net
2018-07-13 20:06 - 2015-12-10 11:24 - 000000000 ____D C:\WoW Cata
2018-07-13 13:49 - 2018-05-11 12:56 - 000000000 ____D C:\Users\David Hynek\AppData\LocalLow\uTorrent
2018-07-13 13:49 - 2012-09-27 12:50 - 000000000 ____D C:\Users\David Hynek\AppData\Roaming\uTorrent
2018-07-13 11:19 - 2017-03-08 17:22 - 000000000 ____D C:\Program Files\trend micro
2018-07-13 11:17 - 2017-09-14 09:46 - 000000000 ____D C:\Windows\Minidump
2018-07-13 11:17 - 2012-09-28 15:20 - 000000000 ____D C:\Users\David Hynek\AppData\Local\CrashDumps
2018-07-13 11:17 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-07-13 11:15 - 2013-06-19 19:57 - 000000618 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-07-13 11:10 - 2018-05-27 18:06 - 000000924 _____ C:\Users\David Hynek\Desktop\Mage Tower.txt
2018-07-13 10:51 - 2016-10-26 15:03 - 000000000 ____D C:\Users\David Hynek\AppData\Roaming\Curse Client
2018-07-13 10:41 - 2017-04-14 10:21 - 000001107 _____ C:\Users\David Hynek\Desktop\Twitch.lnk
2018-07-13 10:41 - 2015-01-18 18:48 - 000001002 _____ C:\Users\David Hynek\Desktop\Spotify.lnk
2018-07-13 10:05 - 2011-02-19 07:36 - 000680576 _____ C:\Windows\system32\perfh005.dat
2018-07-13 10:05 - 2011-02-19 07:36 - 000145542 _____ C:\Windows\system32\perfc005.dat
2018-07-13 10:05 - 2009-07-14 07:13 - 001615516 _____ C:\Windows\system32\PerfStringBackup.INI
2018-07-12 19:02 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2018-07-12 12:04 - 2015-11-21 17:57 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-07-10 16:39 - 2018-04-04 16:18 - 000000000 ____D C:\Users\David Hynek\Downloads\emoji
2018-07-10 16:37 - 2016-04-03 20:34 - 000000000 ____D C:\Users\David Hynek\Documents\VŠEMIng - update cervenec
2018-07-10 14:30 - 2017-07-16 12:07 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2018-07-08 18:49 - 2018-06-05 11:32 - 000000000 ____D C:\Program Files (x86)\World of Warcraft Beta
2018-07-07 14:26 - 2014-04-08 10:44 - 000000000 ____D C:\Users\David Hynek\AppData\Roaming\vlc
2018-06-25 23:11 - 2017-07-01 16:37 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-24 15:52 - 2017-02-20 16:43 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-06-19 17:12 - 2012-11-05 20:36 - 000000000 ____D C:\Users\David Hynek\AppData\Roaming\TS3Client
2018-06-19 17:07 - 2012-11-05 20:35 - 000000000 ____D C:\TeamSpeak 3 Client

==================== Files in the root of some directories =======

2013-06-19 22:18 - 2014-04-11 13:38 - 000000096 _____ () C:\Users\David Hynek\AppData\Roaming\Camdata.ini
2013-06-19 22:18 - 2014-04-11 13:38 - 000000408 _____ () C:\Users\David Hynek\AppData\Roaming\CamLayout.ini
2013-06-19 22:18 - 2014-04-11 13:38 - 000000408 _____ () C:\Users\David Hynek\AppData\Roaming\CamShapes.ini
2013-06-19 22:18 - 2014-04-11 13:38 - 000004520 _____ () C:\Users\David Hynek\AppData\Roaming\CamStudio.cfg
2013-06-19 22:19 - 2013-06-19 22:19 - 000000098 _____ () C:\Users\David Hynek\AppData\Roaming\CamStudio.Producer.command
2013-06-19 22:19 - 2013-06-19 22:19 - 000000000 _____ () C:\Users\David Hynek\AppData\Roaming\CamStudio.Producer.Data.ini
2013-06-19 22:19 - 2013-06-19 22:19 - 000001206 _____ () C:\Users\David Hynek\AppData\Roaming\CamStudio.Producer.ini
2013-04-02 18:04 - 2013-04-02 18:04 - 000000219 _____ () C:\Users\David Hynek\AppData\Roaming\DAVIDHYNEK-PC.MTBF.txt
2016-02-09 17:24 - 2017-04-18 17:04 - 000099384 _____ () C:\Users\David Hynek\AppData\Roaming\inst.exe
2013-05-28 13:25 - 2017-04-18 17:04 - 000007859 _____ () C:\Users\David Hynek\AppData\Roaming\pcouffin.cat
2013-05-28 13:25 - 2017-04-18 17:04 - 000001167 _____ () C:\Users\David Hynek\AppData\Roaming\pcouffin.inf
2013-05-28 13:25 - 2017-04-18 17:04 - 000000055 _____ () C:\Users\David Hynek\AppData\Roaming\pcouffin.log
2013-05-28 13:25 - 2017-04-18 17:04 - 000082816 _____ (VSO Software) C:\Users\David Hynek\AppData\Roaming\pcouffin.sys
2013-04-02 18:05 - 2013-04-02 18:31 - 000000668 _____ () C:\Users\David Hynek\AppData\Roaming\__AvidCloudManager.log
2013-04-02 18:05 - 2013-04-02 18:26 - 000001094 _____ () C:\Users\David Hynek\AppData\Roaming\__AvidCloudManagerPrevious.log
2013-04-26 15:24 - 2013-04-26 15:24 - 000000058 _____ () C:\Users\David Hynek\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2012-10-12 00:51 - 2018-05-26 16:26 - 000007603 _____ () C:\Users\David Hynek\AppData\Local\Resmon.ResmonCfg
2012-10-30 18:13 - 2013-03-05 00:45 - 000000139 _____ () C:\Users\David Hynek\AppData\Local\SRDownloader.err
2012-10-30 18:13 - 2013-03-05 01:04 - 000001128 _____ () C:\Users\David Hynek\AppData\Local\SRDownloader.nast

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-07-08 14:43

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by David Hynek (14-07-2018 13:26:27)
Running from C:\Users\David Hynek\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-09-26 16:20:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1206595139-1558415813-2062055028-500 - Administrator - Disabled)
David Hynek (S-1-5-21-1206595139-1558415813-2062055028-1001 - Administrator - Enabled) => C:\Users\David Hynek
Guest (S-1-5-21-1206595139-1558415813-2062055028-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (HKLM-x32\...\{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (HKLM-x32\...\{2720009D-9566-45A7-A370-0E6DAC313F3F}) (Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis (HKLM-x32\...\{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}) (Version: 15.4.5722.2 - Microsoft Corporation)
„Windows Live Messenger“ (HKLM-x32\...\{122800FE-3AAF-4974-9FBD-54B023FA756A}) (Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (HKLM-x32\...\{C877E454-FA36-409A-A00E-1240CEC61BBD}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
µTorrent (HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20055 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.159 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Aktualizace NVIDIA 28.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 28.0.0.0 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Alcor Micro USB Card Reader (HKLM-x32\...\{4555BB9E-E715-4260-A178-E8EFD2B653E3}) (Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Ashampoo Burning Studio 2016 v.16.0.0 (HKLM-x32\...\{91B33C97-B4A4-B41A-6B97-C62C82CEB6A9}_is1) (Version: 16.0.0 - Ashampoo GmbH & Co. KG)
AsMakeLink (HKLM\...\AsMakeLink) (Version: - )
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.2.0 - Asmedia Technology)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.4 - ASUS)
ASUS Video Magic (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4710 - CyberLink Corp.) Hidden
ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4710 - CyberLink Corp.)
AsusScr_N5_En (HKLM-x32\...\AsusScr_N5_En) (Version: 1.0.0001 - ASUS)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.8.8 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0014 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.3.2333 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 64.0.387.186 - AVAST Software)
Balíček ovladače systému Windows - Qualcomm Atheros Communications Inc. (athr) Net (03/11/2013 10.0.0.234) (HKLM\...\9F26BE7C257739D7488254A1B5CBFE820E44E902) (Version: 03/11/2013 10.0.0.234 - Qualcomm Atheros Communications Inc.)
Balíček ovladače systému Windows - Qualcomm Atheros Communications Inc. Net (03/11/2013 10.0.0.234) (HKLM\...\99C882A44FD971DC797FE21420A3099DECE89966) (Version: 03/11/2013 10.0.0.234 - Qualcomm Atheros Communications Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bloody5 (HKLM-x32\...\Bloody3) (Version: 15.06.0005 - Bloody)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Counter-Strike(TM) (HKLM-x32\...\{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}) (Version: 1.0.0.0 - Valve)
CPUID HWMonitor 1.31 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4319 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Discord (HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Eurobattle.net (HKLM-x32\...\Eurobattle.net1.26a) (Version: 1.26a - Eurobattle.net)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Heroes of the Storm Public Test (HKLM-x32\...\Heroes of the Storm Public Test) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
ICQ (verze 10.0.12248) (HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\icq.desktop) (Version: 10.0.12248 - ICQ)
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{2ABA2E8D-23CF-418F-BC8F-2EC99FA51A3F}) (Version: 1.2.1.0608 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.400.4 - Intel)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrola Windows Live Mesh ActiveX za daljinske veze (HKLM-x32\...\{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}) (Version: 15.4.5722.2 - Microsoft Corporation)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lizard Safeguard - PDF Viewer 2.6.34 (HKLM-x32\...\Lizard Safeguard - PDF Viewer_is1) (Version: - )
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Miranda IM 0.10.78 (HKLM-x32\...\Miranda IM) (Version: 0.10.78 - Miranda IM Project)
Mozilla Firefox 59.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.3 (x64 en-US)) (Version: 59.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 58.0.2.6611 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NBA 2K13 (HKLM-x32\...\{D96B6543-A0C0-4351-AF96-73DEF1DD6820}) (Version: 1.0.0 - 2K Sports)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
NVIDIA GeForce Experience 3.9.0.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.97 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
One Piece Pirate Warriors 3: GOLD Edition (HKLM-x32\...\One Piece Pirate Warriors 3: GOLD Edition_is1) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Ovládací panel NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Shotty - Tiny but impressive screenshot utility (HKLM\...\2e730c18-03e8-4d1d-8fc2-0ee3ea04a765) (Version: 2.0.2.216 - Thomas Baumann)
Spotify (HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\Spotify) (Version: 1.0.77.338.g758ebd78 - Spotify AB)
Square Enix Secure Launcher (HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\Square Enix Secure Launcher) (Version: 1.0.0.108 - Square Enix)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.6.0 - Synaptics Incorporated)
System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group)
System Requirements Lab (HKLM-x32\...\{FEE1F166-EAE4-4C4B-8988-D82521F9F63F}) (Version: 6.1.5.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{17922DDF-5AF1-42DF-82A3-564EA4BBAE36}) (Version: 6.1.6.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Tombraider (HKLM-x32\...\Tombraider_is1) (Version: - )
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
Unity Web Player (HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\UnityWebPlayer) (Version: 4.6.5f1 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 20.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.2 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\Warcraft III) (Version: - )
Warcraft Logs Uploader (HKLM-x32\...\{39478036-170A-CEA7-6008-4218A11FA436}) (Version: 5.02 - UNKNOWN) Hidden
Warcraft Logs Uploader (HKLM-x32\...\com.warcraft.logs) (Version: 5.02 - UNKNOWN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX kontrola za daljinske veze (HKLM-x32\...\{8985AE5E-622A-4980-8BF8-0A1830643220}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem (HKLM-x32\...\{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-i juhtelement kaugühendustele (HKLM-x32\...\{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.32.0 - ASUS)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{C4BC5A5F-4A97-47CC-99C3-AB8E10572AFE}) (Version: 3.0.24 - ASUS)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Beta (HKLM-x32\...\World of Warcraft Beta) (Version: - Blizzard Entertainment)
World of Warcraft Public Test (HKLM-x32\...\World of Warcraft Public Test) (Version: - Blizzard Entertainment)
X-Mouse Button Control 2.13.1 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.13.1 - Highresolution Enterprises)
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1206595139-1558415813-2062055028-1001_Classes\CLSID\{1a365a64-acdc-415e-8846-b38187744dce}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-05] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-05] (AVAST Software)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2011-03-13] (Atheros Commnucations)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-05] (AVAST Software)
ContextMenuHandlers1: [BTMSentToExt] -> {0A7D34C2-E9DA-48A1-9E34-0CDFC2DE3B44} => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-10-18] (Intel Corporation)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-05] (AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2011-03-13] (Atheros Commnucations)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-06-01] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-05] (AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {076A5488-ACB7-4D32-986D-37D16C751E99} - System32\Tasks\{3A8ABF8A-F4D3-4F96-AA2C-A2D2E6E9FFB7} => C:\Windows\system32\pcalua.exe -a D:\Steam\steam.exe -c steam://uninstall/211500
Task: {1368CC2A-6F0F-446F-A6F7-DD0A63A54C78} - System32\Tasks\CCleaner Update => C:\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd)
Task: {1564B3A6-BE9D-4709-B71C-E5A1D080110B} - System32\Tasks\{6D971D95-4BCE-475E-814D-7B5B7ED12181} => C:\Windows\system32\pcalua.exe -a "C:\Users\David Hynek\Desktop\nba2k13\setup.exe" -d "C:\Users\David Hynek\Desktop\nba2k13"
Task: {230A1210-28C0-4B95-99FA-BA4451CE2044} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)
Task: {23F4690B-5B5C-4366-99DE-248567757902} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {2A5BB3FE-6EF7-4923-866A-040752FAB6D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-01] (Google Inc.)
Task: {2B5BA152-1013-4D59-8C97-BF5C4FD6ACA5} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {2E7630F3-8CC3-4E0B-89B4-817CBEDF52F9} - System32\Tasks\{E13A5D63-5173-41FC-9CB8-2AC152375160} => C:\Program Files (x86)\Skype\Phone\Skype.exe
Task: {30C37B26-BE9A-4E52-8033-C91BD13D2ECC} - System32\Tasks\{4B0ED2CF-260B-4243-9922-9D10409ED05A} => D:\Cata\Cata.exe
Task: {3E4FA5AD-486A-43AC-B747-978288CE8F94} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-07-22] (ASUS)
Task: {3F5599BC-1F3B-4EA5-A182-41AFB2B20B52} - System32\Tasks\{8ECC7C99-91A0-4425-9848-D561C2F33333} => C:\Windows\system32\pcalua.exe -a "C:\Users\David Hynek\Desktop\MNA\setup.exe" -d "C:\Users\David Hynek\Desktop\MNA"
Task: {4464C3E5-CE52-4304-B02F-7555AD1BC7E9} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1206595139-1558415813-2062055028-1001
Task: {5068DF17-B360-4664-97DB-413505068493} - System32\Tasks\{4C9E7814-85E0-46FD-A3FA-AC88DB63AF4D} => D:\World of Warcraft\PandashanLauncher.exe
Task: {5F2A7E23-BDA3-4033-AF49-307E36B75948} - System32\Tasks\{3BE2355E-E9A1-4F87-B3AB-E0997C143308} => C:\Windows\system32\pcalua.exe -a "D:\Tony Hawks Pro Skater HD\redist\vcredist_x86.exe" -d "D:\Tony Hawks Pro Skater HD\redist"
Task: {64C09F54-0A9B-4792-91FF-F82562DB4B50} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-06-06] (AVAST Software)
Task: {6B48C0DA-1DEC-4797-883A-65EB6DEAC6B6} - System32\Tasks\{7C5DB924-5773-46D0-8104-270422FD976D} => C:\Program Files (x86)\Skype\Phone\Skype.exe
Task: {6DC4956D-7AA0-43DC-B403-B0FC7BE44020} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
Task: {73A2372B-EF44-4882-B797-6276746FCE21} - System32\Tasks\{A57794C3-074C-42C8-8E54-3C4C2B4C9CBC} => C:\Windows\system32\pcalua.exe -a "D:\Steam\steamapps\common\Left 4 Dead 2\bin\addoninstaller.exe" -d "D:\Steam\steamapps\common\Left 4 Dead 2" -c /register
Task: {743B440A-29B1-4F7E-9074-299C8DBCB787} - System32\Tasks\{E0DFF7C1-CD92-48A5-A76D-0544801851B2} => D:\World of Warcraft\PandashanLauncher.exe
Task: {7825104E-7BC4-427D-9A4D-9D7B87322052} - System32\Tasks\SafeZone scheduled Autoupdate 1451238072 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {7A3C55A2-F9F4-40C9-A3E5-3ABB59BAB7D2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
Task: {7E73BE76-AAD0-4B6A-82E0-359F5B37CD9B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-09-19] (NVIDIA Corporation)
Task: {831C4429-0229-4225-B6EE-8080EDDE7488} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-09-19] (NVIDIA Corporation)
Task: {8D76DE8D-A45D-48E9-9611-24EB48BA5A09} - System32\Tasks\{71E8A89D-5150-4D4D-8883-F147BB9FFE09} => C:\Windows\system32\pcalua.exe -a "C:\Users\David Hynek\Desktop\Wowhead_Client.exe" -d "C:\Users\David Hynek\Desktop"
Task: {8FE0C739-AC04-4B8B-ADCE-71876BE00B2F} - System32\Tasks\{BC2709D5-BB76-410D-8FB9-88A8C762AFF0} => C:\Windows\system32\pcalua.exe -a "C:\Users\David Hynek\Desktop\Fifa\Installer.exe" -d "C:\Users\David Hynek\Desktop\Fifa"
Task: {955D0839-41E1-4AD5-A277-08134858FEC5} - System32\Tasks\{85E0E4B9-F1DF-4398-9A85-45276493CB01} => C:\Windows\system32\pcalua.exe -a "D:\Tony Hawks Pro Skater HD\redist\dotnetfx35_SP1.exe" -d "D:\Tony Hawks Pro Skater HD\redist"
Task: {98FBA9F6-FED2-4556-879C-647C13A76E26} - System32\Tasks\{8B295764-4E2C-455F-BA43-5C73D460FD5E} => D:\Steam\Steam.exe [2018-06-09] (Valve Corporation)
Task: {991F9792-95FF-4484-ADC3-8A79C92E0F57} - System32\Tasks\{C2A36E6E-496D-4079-892B-50F051B6CB51} => D:\WoW Cata\Wow.exe
Task: {9A022BEC-2299-4544-B063-49CFBA253B31} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-01] (Google Inc.)
Task: {A5BD04B0-CC27-4D02-B86D-11B002FDB5E7} - System32\Tasks\{3EB5F546-57A4-433C-BFCF-C1F4FF6391CA} => D:\Steam\Steam.exe [2018-06-09] (Valve Corporation)
Task: {A744E4C1-A3EB-4045-8824-15CD2E67ECE9} - System32\Tasks\{35F6C9F1-D31A-48C2-86B2-D2FA052ACFA5} => C:\Users\David Hynek\Desktop\nba2k13\setup.exe
Task: {AE91D09A-C626-4484-BBFD-88333C1661F3} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)
Task: {B050B86A-8441-41D2-AE49-A285912EB088} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-09-19] (NVIDIA Corporation)
Task: {B18A5A97-ECB9-4AF6-9F08-D57322FE5774} - System32\Tasks\CCleanerSkipUAC => C:\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
Task: {B633A21D-E0FE-437C-9DEF-AA7222775247} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {B7A44BB9-D58D-458D-AC01-7BACC27D66D0} - System32\Tasks\{638FF75C-0CE8-441F-BEC8-BF9555DD423D} => C:\Windows\system32\pcalua.exe -a C:\Avastantivir\aswRunDll.exe -c "C:\Avastantivir\Setup\setiface.dll" RunSetup
Task: {BD315831-CD4C-46B8-B67E-A0C31919AB4A} - System32\Tasks\{F9CE0497-3BC9-4BF4-9875-9E52B8897540} => C:\WoW Cata\Wow.exe [2013-09-26] (Blizzard Entertainment)
Task: {BD79AC6E-ACC1-4A40-9333-F1B04F6D17DD} - System32\Tasks\USBChargerPlus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2011-09-20] (ASUSTek Computer Inc.)
Task: {C621563B-E9DE-4788-948B-98AF0AA92252} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_Plugin.exe [2018-05-05] (Adobe Systems Incorporated)
Task: {C6AA8076-DF90-48FA-958A-46EDEB4315D3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-05] (Adobe Systems Incorporated)
Task: {C6CC5C24-D047-41CF-A884-4031ED12D086} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {C78BC852-6BE9-4664-8EB9-831B5260DD36} - System32\Tasks\Driver Booster SkipUAC (David Hynek) => C:\Driver Booster\DriverBooster.exe
Task: {CB48A483-B899-491F-BA65-CAF22AC44CC0} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_159_pepper.exe [2017-10-10] (Adobe Systems Incorporated)
Task: {CF2D979D-3A33-43EA-A152-F73E3EA8902D} - System32\Tasks\{A5BE9FBF-B10A-4567-B881-9A805252C90C} => D:\WoW Cata\Wow.exe
Task: {CFFB49BD-F186-48A7-8C38-A1F2415FC9C2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-05-05] (AVAST Software)
Task: {D1F09E06-2DFB-449D-A7FD-FE5A232CF8E3} - System32\Tasks\{37498FC8-1BCE-4565-821D-D5B1520D8148} => D:\Heroes of the Storm\Heroes of the Storm.exe [2017-05-17] (Blizzard Entertainment)
Task: {DE231C24-B141-4C63-B5DB-3BA051E2C151} - System32\Tasks\{358FBDFC-3F07-4827-88C6-66E8A855B6E7} => D:\Overwolf\OverwolfLauncher.exe
Task: {DFE1BEF2-2CA1-41F9-98D2-DA3155F80E02} - System32\Tasks\{6CFBCDD2-220F-4DE5-82B3-730A1C967817} => D:\World of Warcraft\PandashanLauncher.exe
Task: {E248A12C-F694-4025-9329-FE4924AA3379} - System32\Tasks\{78E95B85-BAAF-40BB-BCF5-0587C7344E46} => D:\Cata\Cata.exe
Task: {E5DA68EB-FC10-4320-B142-87405BD52A4F} - System32\Tasks\{125F7D28-1209-4A2D-A3EA-ECD570ECE3E3} => D:\Heroes of the Storm\Heroes of the Storm.exe [2017-05-17] (Blizzard Entertainment)
Task: {E8D7B1F4-462F-4F09-9DED-4BF49265E662} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-19] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\David Hynek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) ==============

2017-04-21 23:15 - 2017-09-19 09:23 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-05-28 17:04 - 2018-03-24 03:13 - 000544192 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2012-10-16 21:52 - 2012-10-17 22:50 - 000076888 ____N () C:\Windows\SysWOW64\PnkBstrA.exe
2018-05-05 15:50 - 2018-05-05 15:50 - 000728792 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2018-05-05 15:50 - 2018-05-05 15:50 - 000920280 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2018-05-05 15:50 - 2018-05-05 15:50 - 000348888 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2011-12-01 04:17 - 2011-05-05 14:30 - 000057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2011-12-01 04:15 - 2015-06-01 22:00 - 000102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2017-12-03 09:52 - 2017-11-30 12:28 - 001623040 _____ () C:\TradeSkillMaster Application\app\TSMApplication.exe
2018-06-24 13:26 - 2018-06-24 13:26 - 000084808 _____ () C:\CCleaner\lang\lang-1029.dll
2018-06-25 23:10 - 2018-06-22 21:15 - 002663768 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\swiftshader\libglesv2.dll
2018-06-25 23:10 - 2018-06-22 21:15 - 000128856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\swiftshader\libegl.dll
2018-05-05 15:50 - 2018-05-05 15:50 - 000349912 _____ () C:\Program Files\AVAST Software\Avast\streamback_avast.dll
2018-05-05 15:50 - 2018-05-05 15:50 - 000295640 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-05-05 15:50 - 2018-05-05 15:50 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-05-05 15:50 - 2018-05-05 15:50 - 000763608 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2018-05-05 15:51 - 2018-05-05 15:51 - 000911064 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-05-05 15:50 - 2018-05-05 15:50 - 000172760 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-05-05 15:50 - 2018-05-05 15:50 - 000969944 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-05-05 15:50 - 2018-05-05 15:50 - 000501464 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-07-14 13:16 - 2018-07-14 13:16 - 005846160 _____ () C:\Program Files\AVAST Software\Avast\defs\18071400\algo.dll
2018-03-18 18:43 - 2018-03-18 18:43 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-05-05 15:50 - 2018-05-05 15:50 - 000281816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-12-03 09:52 - 2017-12-03 09:52 - 000783360 _____ () C:\TradeSkillMaster Application\app\_hashlib.pyd
2017-12-03 09:52 - 2017-12-03 09:52 - 000047104 _____ () C:\TradeSkillMaster Application\app\_socket.pyd
2017-12-03 09:52 - 2017-12-03 09:52 - 000009728 _____ () C:\TradeSkillMaster Application\app\select.pyd
2017-12-03 09:52 - 2017-12-03 09:52 - 000758784 _____ () C:\TradeSkillMaster Application\app\unicodedata.pyd
2017-12-03 09:52 - 2017-12-03 09:52 - 000084992 _____ () C:\TradeSkillMaster Application\app\_ctypes.pyd
2017-12-03 09:52 - 2017-12-03 09:52 - 000053760 _____ () C:\TradeSkillMaster Application\app\_bz2.pyd
2017-12-03 09:52 - 2017-12-03 09:52 - 001861120 _____ () C:\TradeSkillMaster Application\app\PyQt5.QtCore.pyd
2017-12-03 09:52 - 2017-12-03 09:52 - 000075264 _____ () C:\TradeSkillMaster Application\app\sip.pyd
2017-12-03 09:52 - 2017-12-03 09:52 - 000137216 _____ () C:\TradeSkillMaster Application\app\_lzma.pyd
2017-12-03 09:52 - 2017-12-03 09:52 - 002002944 _____ () C:\TradeSkillMaster Application\app\PyQt5.QtGui.pyd
2017-12-03 09:52 - 2017-12-03 09:52 - 004101120 _____ () C:\TradeSkillMaster Application\app\PyQt5.QtWidgets.pyd
2017-12-03 09:52 - 2017-12-03 09:52 - 000039424 _____ () C:\TradeSkillMaster Application\app\psutil._psutil_windows.pyd
2011-09-13 23:33 - 2011-09-13 23:33 - 001163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2010-08-20 19:57 - 2010-08-20 19:57 - 000619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-20 19:57 - 2010-08-20 19:57 - 000013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2018-04-09 16:41 - 2018-04-09 16:41 - 000062976 _____ () C:\Miranda IM\zlib.dll
2018-04-09 16:51 - 2018-04-09 16:51 - 000028672 _____ () C:\Miranda IM\Plugins\dbx_mmap.dll
2018-04-09 17:00 - 2018-04-09 17:00 - 000053760 _____ () C:\Miranda IM\Plugins\clist_classic.dll
2018-04-09 16:54 - 2018-04-09 16:54 - 000220672 _____ () C:\Miranda IM\Plugins\chat.dll
2018-04-09 16:54 - 2018-04-09 16:54 - 000326144 _____ () C:\Miranda IM\Plugins\icq.dll
2018-04-09 16:43 - 2018-04-09 16:43 - 000318976 _____ () C:\Miranda IM\Plugins\irc.dll
2018-04-09 16:57 - 2018-04-09 16:57 - 000075776 _____ () C:\Miranda IM\Plugins\srmm.dll
2018-05-01 19:18 - 2018-04-30 23:01 - 001891672 _____ () C:\Users\David Hynek\AppData\Local\Discord\app-0.0.301\ffmpeg.dll
2018-05-01 19:43 - 2018-07-11 11:10 - 011262808 _____ () \\?\C:\Users\David Hynek\AppData\Roaming\discord\0.0.301\modules\discord_voice\discord_voice.node
2018-05-01 19:43 - 2018-05-01 19:43 - 001530712 _____ () \\?\C:\Users\David Hynek\AppData\Roaming\discord\0.0.301\modules\discord_utils\discord_utils.node
2018-05-01 19:43 - 2018-05-01 19:43 - 000512856 _____ () \\?\C:\Users\David Hynek\AppData\Roaming\discord\0.0.301\modules\discord_erlpack\discord_erlpack.node
2018-05-01 19:43 - 2018-06-30 11:16 - 001648984 _____ () \\?\C:\Users\David Hynek\AppData\Roaming\discord\0.0.301\modules\discord_game_utils\discord_game_utils.node
2018-05-01 19:43 - 2018-05-01 19:43 - 002722648 _____ () \\?\C:\Users\David Hynek\AppData\Roaming\discord\0.0.301\modules\discord_rpc\discord_rpc.node
2018-05-01 19:44 - 2018-05-01 19:44 - 001249112 _____ () \\?\C:\Users\David Hynek\AppData\Roaming\discord\0.0.301\modules\discord_vigilante\discord_vigilante.node
2018-05-01 19:44 - 2018-05-01 19:44 - 002760536 _____ () \\?\C:\Users\David Hynek\AppData\Roaming\discord\0.0.301\modules\discord_contact_import\discord_contact_import.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:FEF919E6 [136]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\download.microsoft.com -> hxxp://download.microsoft.com
IE trusted site: HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\microsoft.com -> hxxp://update.microsoft.com
IE trusted site: HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\microsoft.com -> hxxps://update.microsoft.com
IE trusted site: HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\update.microsoft.com -> hxxp://update.microsoft.com
IE trusted site: HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\update.microsoft.com -> hxxps://update.microsoft.com
IE trusted site: HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\windowsupdate.com -> hxxp://windowsupdate.com
IE trusted site: HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\windowsupdate.microsoft.com -> hxxp://windowsupdate.microsoft.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2017-03-13 16:44 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\David Hynek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AFBAgent => 2
MSCONFIG\Services: ASLDRService => 2
MSCONFIG\Services: ASUS InstantOn => 2
MSCONFIG\Services: Atheros Bt&Wlan Coex Agent => 2
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: ATKGFNEXSrv => 2
MSCONFIG\Services: Bluetooth Device Monitor => 2
MSCONFIG\Services: Bluetooth Media Service => 3
MSCONFIG\Services: Bluetooth OBEX Service => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: FirebirdServerMAGIXInstance => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: OverwolfUpdater => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Splashtop MDES => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SystemExplorerHelpService => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: TurboBoost => 2
MSCONFIG\Services: UNS => 2

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{B2C06E74-4EE6-4620-A820-0CE6B0D4985C}C:\utorrent\utorrent.exe] => (Allow) C:\utorrent\utorrent.exe
FirewallRules: [UDP Query User{64C542EC-B6E9-46F5-A0B5-CFA65D313E00}C:\utorrent\utorrent.exe] => (Allow) C:\utorrent\utorrent.exe
FirewallRules: [TCP Query User{5FEFC943-4D2C-42C2-B5C0-81FA49AEB1C5}D:\warcraft iii\gproxy.exe] => (Allow) D:\warcraft iii\gproxy.exe
FirewallRules: [UDP Query User{244950D2-EE2A-4BF1-8447-705668275591}D:\warcraft iii\gproxy.exe] => (Allow) D:\warcraft iii\gproxy.exe
FirewallRules: [TCP Query User{6423847A-CBA7-4130-B124-9ED68D93DB07}D:\warcraft iii\war3.exe] => (Allow) D:\warcraft iii\war3.exe
FirewallRules: [UDP Query User{8B6F3209-0F52-4ACD-9AE0-EA02E0BFEEF9}D:\warcraft iii\war3.exe] => (Allow) D:\warcraft iii\war3.exe
FirewallRules: [TCP Query User{3C485705-B9EA-4433-AA1F-D5FBC72173B2}C:\utorrent\utorrent.exe] => (Allow) C:\utorrent\utorrent.exe
FirewallRules: [UDP Query User{A7A977DA-D049-4F93-80A4-95F68B4A1757}C:\utorrent\utorrent.exe] => (Allow) C:\utorrent\utorrent.exe
FirewallRules: [{C39BDB0E-D4B0-48B7-BF41-37F7DA32853A}] => (Allow) D:\Battle.net\Battle.net.exe
FirewallRules: [{ACE3B969-80C7-4C66-86B9-BDBE201FB36A}] => (Allow) D:\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{0422D665-4F76-43A7-9552-4CBCB6308ADD}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe
FirewallRules: [UDP Query User{8DD431DB-E179-41DA-8B81-87571307BF08}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe
FirewallRules: [{DE7BC07F-3603-4C25-9949-44A1D22FDBD6}] => (Allow) D:\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{006F2753-A6D0-44A5-9093-09A4052A5ECD}] => (Allow) D:\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{18D826FB-4DA0-455A-A423-BF46276C0966}] => (Allow) D:\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{5F39A688-4B3D-455D-8C39-6F4A823BFF33}] => (Allow) D:\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{75B28E90-4DBF-43AC-B29B-26132517BA98}] => (Allow) D:\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{33FBD337-6BEB-4ADF-BB48-CAD6CFD451D0}] => (Allow) D:\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{F351F728-8A29-4EDE-9858-0C34BF410684}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{CC6DC607-A974-41A6-A82F-B842AC1EC527}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{453022D1-A751-4753-A6E0-4BB71D20B22C}] => (Allow) C:\Users\David Hynek\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{986D487A-281D-4F90-988C-969127D59699}] => (Allow) C:\Users\David Hynek\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{4287B184-8E11-4AFD-B6D1-2B6920D562F7}C:\users\david hynek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\david hynek\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5152FF75-503F-4953-A2FF-C47CD1B66177}C:\users\david hynek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\david hynek\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{1E73A923-5AD5-4DCC-9091-C8E4EFC8A60B}C:\users\david hynek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\david hynek\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{1DC609B2-9A4B-42AD-A86D-64736EA08BD1}C:\users\david hynek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\david hynek\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{CE0DC009-D814-4B6E-BB9F-CA4237E40EC7}C:\users\david hynek\appdata\roaming\utorrent\updates\3.4.5_41865.exe] => (Allow) C:\users\david hynek\appdata\roaming\utorrent\updates\3.4.5_41865.exe
FirewallRules: [UDP Query User{8E8C52EF-F617-4A2A-B617-78D99E223C1B}C:\users\david hynek\appdata\roaming\utorrent\updates\3.4.5_41865.exe] => (Allow) C:\users\david hynek\appdata\roaming\utorrent\updates\3.4.5_41865.exe
FirewallRules: [{3192F993-BBF1-415A-A712-F28335B14559}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B8E9886B-53CE-45B3-8CEC-E49E9DEF33A1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{A4FBE12B-0EE7-4439-BB45-758915B9A3EF}C:\miranda im\miranda64.exe] => (Allow) C:\miranda im\miranda64.exe
FirewallRules: [UDP Query User{716C41D4-C86E-4572-9E19-D3DF6F00FB88}C:\miranda im\miranda64.exe] => (Allow) C:\miranda im\miranda64.exe
FirewallRules: [TCP Query User{4FD0FAB5-812B-4CAE-92CF-A9D85FBFE1D5}C:\miranda im\miranda64.exe] => (Allow) C:\miranda im\miranda64.exe
FirewallRules: [UDP Query User{A1B08C12-5C69-4ECB-9E87-6745EF88BF84}C:\miranda im\miranda64.exe] => (Allow) C:\miranda im\miranda64.exe
FirewallRules: [TCP Query User{31F6F01B-E943-43B6-A9D6-EEE7520446C6}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [UDP Query User{9F61B029-AA7B-4FC2-8CCF-475487D7F740}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [{F2C4B590-293A-4085-A5BE-504A174D7244}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{419A8F93-1F1E-4462-993B-E204A5EA8A18}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6ACB9B96-457E-45C5-B142-80521B40FB84}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{8FA55DF6-4C50-45FC-9974-F2E842C75B81}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{09FEB203-C250-4C9C-BD06-EEBAD2C91D56}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4682E362-7259-41DA-BD7E-91A72CB0D72F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{B7BC3F3C-0D4D-4041-AA28-D9E8F4528C04}D:\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{53CC15D9-A8FF-4CF9-A1B1-87C6D8864184}D:\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [{BA122A1D-B7FE-4A7D-96ED-4351B1B98988}] => (Allow) D:\Microsoft Office\Office12\outlook.exe
FirewallRules: [{EA7F5342-7752-40A0-850B-EA888E632A6C}] => (Allow) D:\Microsoft Office\Office12\GROOVE.EXE
FirewallRules: [{02F412C9-F434-41E0-9A5D-65BA317FFD1A}] => (Allow) D:\Microsoft Office\Office12\GROOVE.EXE
FirewallRules: [{931FA000-DCDB-4BD0-BE34-0219DBB63620}] => (Allow) D:\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{C11E73E9-BF0C-4CEF-87C8-A72B5CC1435B}] => (Allow) D:\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{98687D95-11F4-4523-9E07-AA624F450565}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{B9F72AB0-4D86-42AD-B850-D7E85396019B}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [TCP Query User{2D1030A1-7F31-4CC0-93F6-9E525A23BFFA}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{93A403D7-B8AD-43FB-A9F0-81023EAE845C}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe
FirewallRules: [{B75FB474-7C73-4E29-AFD2-8D9FB0CFF056}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{1A518CAD-DF24-4EBA-9CF0-9E8DF73E5E0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{62E5A69C-B7CD-4C2C-B462-ED512D88BEF4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B13F4CA1-DA18-489C-87EB-828E65F0281E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2AF00D15-D27A-4582-9E32-D21BF20A1CD9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{F63C58A9-C3C3-484E-B95A-174DB2943B7B}C:\miranda im\miranda32.exe] => (Allow) C:\miranda im\miranda32.exe
FirewallRules: [UDP Query User{0C84AB98-FD02-49EC-9BD7-814AB4A6C4B1}C:\miranda im\miranda32.exe] => (Allow) C:\miranda im\miranda32.exe
FirewallRules: [{104761E2-E706-4B01-B8E5-6C0437B963F0}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [TCP Query User{0461BBB9-8A77-46EA-B7A1-CA1686B9F76C}C:\program files (x86)\world of warcraft beta\utils\wowvoiceproxyt.exe] => (Allow) C:\program files (x86)\world of warcraft beta\utils\wowvoiceproxyt.exe
FirewallRules: [UDP Query User{23BB71CE-CEA6-4DCC-BB63-6FE50307D106}C:\program files (x86)\world of warcraft beta\utils\wowvoiceproxyt.exe] => (Allow) C:\program files (x86)\world of warcraft beta\utils\wowvoiceproxyt.exe
FirewallRules: [TCP Query User{83047A26-F095-4B6B-AE80-93817232DB01}D:\world of warcraft\world of warcraft beta\utils\wowvoiceproxyt.exe] => (Allow) D:\world of warcraft\world of warcraft beta\utils\wowvoiceproxyt.exe
FirewallRules: [UDP Query User{847609EA-3910-479C-A68B-339C4329B651}D:\world of warcraft\world of warcraft beta\utils\wowvoiceproxyt.exe] => (Allow) D:\world of warcraft\world of warcraft beta\utils\wowvoiceproxyt.exe
FirewallRules: [TCP Query User{8DFB0F0F-83A7-4EA8-9607-45E8E1BBB789}D:\world of warcraft\world of warcraft public test\utils\wowvoiceproxyt.exe] => (Allow) D:\world of warcraft\world of warcraft public test\utils\wowvoiceproxyt.exe
FirewallRules: [UDP Query User{048DE5B0-29D8-43AA-B7D3-A211CC4E5E71}D:\world of warcraft\world of warcraft public test\utils\wowvoiceproxyt.exe] => (Allow) D:\world of warcraft\world of warcraft public test\utils\wowvoiceproxyt.exe
FirewallRules: [TCP Query User{D6D94AF9-2B16-4F20-AED1-62BE657966D3}C:\miranda im\miranda32.exe] => (Allow) C:\miranda im\miranda32.exe
FirewallRules: [UDP Query User{932B06D8-ADD5-499D-904C-26A40F7B92AE}C:\miranda im\miranda32.exe] => (Allow) C:\miranda im\miranda32.exe
FirewallRules: [{D303DB59-6AF1-48C9-8A70-8F940915D833}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F035CB8D-6168-480D-BC0F-749243F21862}] => (Allow) C:\CCleaner\CCUpdate.exe
FirewallRules: [{F6A6BFDF-83EF-41F3-89C8-7F6B320265B0}] => (Allow) C:\CCleaner\CCUpdate.exe

==================== Restore Points =========================

03-07-2018 15:02:18 Naplánovaný kontrolní bod
11-07-2018 12:55:39 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/14/2018 01:24:39 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (07/14/2018 01:17:42 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (07/14/2018 01:15:20 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (07/14/2018 12:15:27 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (07/13/2018 11:15:20 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (07/13/2018 10:15:20 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (07/13/2018 09:15:17 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (07/13/2018 08:15:22 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.


System errors:
=============
Error: (07/13/2018 09:43:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (07/13/2018 09:43:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Hi-Rez Studios Authenticate and Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/13/2018 09:43:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/13/2018 09:43:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (07/13/2018 09:43:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (07/13/2018 09:43:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (07/13/2018 09:43:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Live ID Sign-in Assistant byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (07/13/2018 09:43:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PnkBstrA byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2015-03-04 22:18:20.020
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2015-03-04 22:10:18.374
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2015-03-04 21:48:47.081
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

CodeIntegrity:
===================================

Date: 2015-03-13 09:54:07.920
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-03-13 09:54:07.732
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-03-13 09:51:33.857
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-03-13 09:51:33.701
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-03-13 09:48:59.511
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-03-13 09:48:59.355
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-03-13 09:40:41.036
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-03-13 09:40:40.865
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 52%
Total physical RAM: 6048.05 MB
Available physical RAM: 2901.68 MB
Total Virtual: 12094.29 MB
Available Virtual: 8861.98 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:300 GB) (Free:82.95 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:373.64 GB) (Free:49.63 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 5BE4A3F9)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=300 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=373.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu

#6 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    ExportKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AppMgmt
    Folder: C:\Driver Booster
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
    CHR DefaultSearchURL: Default -> hxxps://www.twitch.tv/favicon.ico
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
    S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
    Task: {076A5488-ACB7-4D32-986D-37D16C751E99} - System32\Tasks\{3A8ABF8A-F4D3-4F96-AA2C-A2D2E6E9FFB7} => C:\Windows\system32\pcalua.exe -a D:\Steam\steam.exe -c steam://uninstall/211500
    Task: {1564B3A6-BE9D-4709-B71C-E5A1D080110B} - System32\Tasks\{6D971D95-4BCE-475E-814D-7B5B7ED12181} => C:\Windows\system32\pcalua.exe -a "C:\Users\David Hynek\Desktop\nba2k13\setup.exe" -d "C:\Users\David Hynek\Desktop\nba2k13"
    Task: {3F5599BC-1F3B-4EA5-A182-41AFB2B20B52} - System32\Tasks\{8ECC7C99-91A0-4425-9848-D561C2F33333} => C:\Windows\system32\pcalua.exe -a "C:\Users\David Hynek\Desktop\MNA\setup.exe" -d "C:\Users\David Hynek\Desktop\MNA"
    Task: {4464C3E5-CE52-4304-B02F-7555AD1BC7E9} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1206595139-1558415813-2062055028-1001
    Task: {8D76DE8D-A45D-48E9-9611-24EB48BA5A09} - System32\Tasks\{71E8A89D-5150-4D4D-8883-F147BB9FFE09} => C:\Windows\system32\pcalua.exe -a "C:\Users\David Hynek\Desktop\Wowhead_Client.exe" -d "C:\Users\David Hynek\Desktop"
    Task: {8FE0C739-AC04-4B8B-ADCE-71876BE00B2F} - System32\Tasks\{BC2709D5-BB76-410D-8FB9-88A8C762AFF0} => C:\Windows\system32\pcalua.exe -a "C:\Users\David Hynek\Desktop\Fifa\Installer.exe" -d "C:\Users\David Hynek\Desktop\Fifa"
    Task: {955D0839-41E1-4AD5-A277-08134858FEC5} - System32\Tasks\{85E0E4B9-F1DF-4398-9A85-45276493CB01} => C:\Windows\system32\pcalua.exe -a "D:\Tony Hawks Pro Skater HD\redist\dotnetfx35_SP1.exe" -d "D:\Tony Hawks Pro Skater HD\redist"
    Task: {A744E4C1-A3EB-4045-8824-15CD2E67ECE9} - System32\Tasks\{35F6C9F1-D31A-48C2-86B2-D2FA052ACFA5} => C:\Users\David Hynek\Desktop\nba2k13\setup.exe
    Task: {C78BC852-6BE9-4664-8EB9-831B5260DD36} - System32\Tasks\Driver Booster SkipUAC (David Hynek) => C:\Driver Booster\DriverBooster.exe
    AlternateDataStreams: C:\ProgramData\Temp:FEF919E6 [136]
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
    MSCONFIG\Services: SkypeUpdate => 2
    C:\Driver Booster
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Simicek
Návštěvník
Návštěvník
Příspěvky: 173
Registrován: 23 črc 2008 19:09

Re: Prosím o kontrolu

#7 Příspěvek od Simicek »

Fix result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by David Hynek (15-07-2018 12:19:33) Run:1
Running from C:\Users\David Hynek\Desktop
Loaded Profiles: David Hynek (Available Profiles: David Hynek)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

ExportKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AppMgmt
Folder: C:\Driver Booster
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
CHR DefaultSearchURL: Default -> hxxps://www.twitch.tv/favicon.ico
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
Task: {076A5488-ACB7-4D32-986D-37D16C751E99} - System32\Tasks\{3A8ABF8A-F4D3-4F96-AA2C-A2D2E6E9FFB7} => C:\Windows\system32\pcalua.exe -a D:\Steam\steam.exe -c steam://uninstall/211500
Task: {1564B3A6-BE9D-4709-B71C-E5A1D080110B} - System32\Tasks\{6D971D95-4BCE-475E-814D-7B5B7ED12181} => C:\Windows\system32\pcalua.exe -a "C:\Users\David Hynek\Desktop\nba2k13\setup.exe" -d "C:\Users\David Hynek\Desktop\nba2k13"
Task: {3F5599BC-1F3B-4EA5-A182-41AFB2B20B52} - System32\Tasks\{8ECC7C99-91A0-4425-9848-D561C2F33333} => C:\Windows\system32\pcalua.exe -a "C:\Users\David Hynek\Desktop\MNA\setup.exe" -d "C:\Users\David Hynek\Desktop\MNA"
Task: {4464C3E5-CE52-4304-B02F-7555AD1BC7E9} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1206595139-1558415813-2062055028-1001
Task: {8D76DE8D-A45D-48E9-9611-24EB48BA5A09} - System32\Tasks\{71E8A89D-5150-4D4D-8883-F147BB9FFE09} => C:\Windows\system32\pcalua.exe -a "C:\Users\David Hynek\Desktop\Wowhead_Client.exe" -d "C:\Users\David Hynek\Desktop"
Task: {8FE0C739-AC04-4B8B-ADCE-71876BE00B2F} - System32\Tasks\{BC2709D5-BB76-410D-8FB9-88A8C762AFF0} => C:\Windows\system32\pcalua.exe -a "C:\Users\David Hynek\Desktop\Fifa\Installer.exe" -d "C:\Users\David Hynek\Desktop\Fifa"
Task: {955D0839-41E1-4AD5-A277-08134858FEC5} - System32\Tasks\{85E0E4B9-F1DF-4398-9A85-45276493CB01} => C:\Windows\system32\pcalua.exe -a "D:\Tony Hawks Pro Skater HD\redist\dotnetfx35_SP1.exe" -d "D:\Tony Hawks Pro Skater HD\redist"
Task: {A744E4C1-A3EB-4045-8824-15CD2E67ECE9} - System32\Tasks\{35F6C9F1-D31A-48C2-86B2-D2FA052ACFA5} => C:\Users\David Hynek\Desktop\nba2k13\setup.exe
Task: {C78BC852-6BE9-4664-8EB9-831B5260DD36} - System32\Tasks\Driver Booster SkipUAC (David Hynek) => C:\Driver Booster\DriverBooster.exe
AlternateDataStreams: C:\ProgramData\Temp:FEF919E6 [136]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
MSCONFIG\Services: SkypeUpdate => 2
C:\Driver Booster

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AppMgmt]
"ImagePath"="%SystemRoot%\system32\svchost.exe -k netsvcs"
[HKLM\SYSTEM\CurrentControlSet\Services\AppMgmt\Parameters]
"ServiceDll"="%SystemRoot%\System32\appmgmts.dll"

=== End of ExportKey ===

========================= Folder: C:\Driver Booster ========================

not found.

====== End of Folder: ======

HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKLM\Software\Classes\PROTOCOLS\Handler\skype4com" => removed successfully
HKLM\Software\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} => not found
"Chrome DefaultSearchURL" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => removed successfully
"HKLM\System\CurrentControlSet\Services\AppMgmt" => removed successfully
AppMgmt => service removed successfully
"HKLM\System\CurrentControlSet\Services\MBAMSwissArmy" => removed successfully
MBAMSwissArmy => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{076A5488-ACB7-4D32-986D-37D16C751E99}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{076A5488-ACB7-4D32-986D-37D16C751E99}" => removed successfully
C:\Windows\System32\Tasks\{3A8ABF8A-F4D3-4F96-AA2C-A2D2E6E9FFB7} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3A8ABF8A-F4D3-4F96-AA2C-A2D2E6E9FFB7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1564B3A6-BE9D-4709-B71C-E5A1D080110B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1564B3A6-BE9D-4709-B71C-E5A1D080110B}" => removed successfully
C:\Windows\System32\Tasks\{6D971D95-4BCE-475E-814D-7B5B7ED12181} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6D971D95-4BCE-475E-814D-7B5B7ED12181}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F5599BC-1F3B-4EA5-A182-41AFB2B20B52}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F5599BC-1F3B-4EA5-A182-41AFB2B20B52}" => removed successfully
C:\Windows\System32\Tasks\{8ECC7C99-91A0-4425-9848-D561C2F33333} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8ECC7C99-91A0-4425-9848-D561C2F33333}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4464C3E5-CE52-4304-B02F-7555AD1BC7E9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4464C3E5-CE52-4304-B02F-7555AD1BC7E9}" => removed successfully
C:\Windows\System32\Tasks\Games\UpdateCheck_S-1-5-21-1206595139-1558415813-2062055028-1001 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Games\UpdateCheck_S-1-5-21-1206595139-1558415813-2062055028-1001" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D76DE8D-A45D-48E9-9611-24EB48BA5A09}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D76DE8D-A45D-48E9-9611-24EB48BA5A09}" => removed successfully
C:\Windows\System32\Tasks\{71E8A89D-5150-4D4D-8883-F147BB9FFE09} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{71E8A89D-5150-4D4D-8883-F147BB9FFE09}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8FE0C739-AC04-4B8B-ADCE-71876BE00B2F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8FE0C739-AC04-4B8B-ADCE-71876BE00B2F}" => removed successfully
C:\Windows\System32\Tasks\{BC2709D5-BB76-410D-8FB9-88A8C762AFF0} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BC2709D5-BB76-410D-8FB9-88A8C762AFF0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{955D0839-41E1-4AD5-A277-08134858FEC5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{955D0839-41E1-4AD5-A277-08134858FEC5}" => removed successfully
C:\Windows\System32\Tasks\{85E0E4B9-F1DF-4398-9A85-45276493CB01} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{85E0E4B9-F1DF-4398-9A85-45276493CB01}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A744E4C1-A3EB-4045-8824-15CD2E67ECE9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A744E4C1-A3EB-4045-8824-15CD2E67ECE9}" => removed successfully
C:\Windows\System32\Tasks\{35F6C9F1-D31A-48C2-86B2-D2FA052ACFA5} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{35F6C9F1-D31A-48C2-86B2-D2FA052ACFA5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C78BC852-6BE9-4664-8EB9-831B5260DD36}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C78BC852-6BE9-4664-8EB9-831B5260DD36}" => removed successfully
C:\Windows\System32\Tasks\Driver Booster SkipUAC (David Hynek) => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (David Hynek)" => removed successfully
C:\ProgramData\Temp => ":FEF919E6" ADS removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService" => removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MBAMService" => removed successfully
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate" => removed successfully
HKLM\System\CurrentControlSet\Services\SkypeUpdate => not found
"C:\Driver Booster" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5494368 B
Java, Flash, Steam htmlcache => 58847749 B
Windows/system/drivers => 24331 B
Edge => 0 B
Chrome => 694102872 B
Firefox => 5508470 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 0 B
UpdatusUser => 0 B
David Hynek => 67392654 B
UpdatusUser => 0 B

RecycleBin => 4029485 B
EmptyTemp: => 804.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:21:24 ====

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu

#8 Příspěvek od Conder »

:arrow: Vyzera to OK. Nastala nejaka zmena alebo su este nejake problemy?

:arrow: Odporucam doinstalovat vsetky dolezite aktualizacie cez Windows Update.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Simicek
Návštěvník
Návštěvník
Příspěvky: 173
Registrován: 23 črc 2008 19:09

Re: Prosím o kontrolu

#9 Příspěvek od Simicek »

Žádná problém vše okey. Aktualizace doinstaluji.

Děkuji za super práci a přeji hezký den.

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu

#10 Příspěvek od Conder »

:arrow: Tak este upraceme po pouzitych nastrojoch:
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Odpovědět