Check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

nysa
Visitor
Posts: 23
Registered: 16 Sep 2014 16:21

Check

#1 Post by nysa »

Hi, please check my log.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenka at 2018-08-13 10:00:15
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 138 GB (23%) free of 610 GB
Total RAM: 3582 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:00:16, on 13.8.2018
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16708)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Avira\Launcher\Avira.Systray.exe
C:\Windows\system32\DllHost.exe
C:\Users\Lenka\Downloads\RSIT.exe
C:\Program Files\trend micro\Lenka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: GIGABYTE OC_GURU.lnk = C:\Program Files\GIGABYTE\GIGABYTE OC_GURU II\Launcher.exe
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (file missing)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate1ca5eefa774ed9c) (gupdate1ca5eefa774ed9c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files\Origin\OriginClientService.exe
O23 - Service: Printer Control - ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM - C:\Windows\system32\PrintCtrl.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 7708 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "about:home"
prefs.js - "extensions.enabledItems" - "piclens@cooliris.com:1.12.2.44079, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3, {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18, {69D30031-F4A8-452a-A5B3-5D6787C3C5CF}:3.6, {c1dffba0-628e-11d9-9669-0800200c9a66}:3.6.3"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.134 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_30_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1216156.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdbplug.xpt
nppl3260.xpt
nsIDivxPlayerPlugin.xpt
QuickTimePlugin.class

C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\extensions\
piclens@cooliris.com
{20a82645-c095-46ed-80e3-08825760534b}
{7c231677-e4fb-44ac-80a5-c87fcb7c2be9}

C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\searchplugins\
yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-05-18 425680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-05-10 4468736]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2016-10-26 831576]
"Avira SystrayStartTrigger"=C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [2018-02-12 67040]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2012-05-18 296056]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-15 2398776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]
C:\Program Files\BlueStacks\HD-Agent.exe [2013-06-10 601928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files\Electronic Arts\EADM\Core.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jing]
C:\Program Files\TechSmith\Jing\Jing.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LG LinkAir]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PeerBlock]
C:\Program Files\PeerBlock\peerblock.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrintDisp]
C:\Windows\system32\PrintDisp.exe [2011-02-19 826368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Network Server.lnk]
C:\PROGRA~1\WIBUKEY\Server\WkSvMgr.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GIGABYTE OC_GURU.lnk - C:\Program Files\GIGABYTE\GIGABYTE OC_GURU II\Launcher.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"VIDC.FPS1"=frapsvid.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2018-08-13 09:54:59 ----D---- C:\Program Files\trend micro
2018-08-13 09:54:58 ----D---- C:\rsit
2018-08-12 18:41:09 ----D---- C:\Program Files\CPUID
2018-08-10 13:54:50 ----D---- C:\Users\Lenka\AppData\Roaming\NVIDIA
2018-07-26 16:43:36 ----A---- C:\Windows\system32\vulkaninfo.exe
2018-07-26 16:43:36 ----A---- C:\Windows\system32\vulkan-1.dll
2018-07-26 16:43:20 ----D---- C:\Program Files\VulkanRT
2018-07-26 16:43:14 ----D---- C:\ProgramData\NVIDIA
2018-07-26 16:42:41 ----A---- C:\Windows\system32\nvvsvc.exe
2018-07-26 16:42:41 ----A---- C:\Windows\system32\nvshext.dll
2018-07-26 16:42:41 ----A---- C:\Windows\system32\nv3dappshextr.dll
2018-07-26 16:42:41 ----A---- C:\Windows\system32\nv3dappshext.dll
2018-07-26 16:42:40 ----A---- C:\Windows\system32\nvsvcr.dll
2018-07-26 16:42:40 ----A---- C:\Windows\system32\nvsvc.dll
2018-07-26 16:42:40 ----A---- C:\Windows\system32\nvmctray.dll
2018-07-26 16:42:40 ----A---- C:\Windows\system32\nvcpl.dll
2018-07-26 16:42:11 ----A---- C:\Windows\system32\OpenCL.dll
2018-07-26 16:37:35 ----A---- C:\Windows\system32\nvwgf2um.dll
2018-07-26 16:37:35 ----A---- C:\Windows\system32\nvhdap32.dll
2018-07-26 16:37:35 ----A---- C:\Windows\system32\nvhdagenco3220103.dll
2018-07-26 16:37:35 ----A---- C:\Windows\system32\drivers\nvhda32v.sys
2018-07-26 16:37:34 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2018-07-26 16:37:34 ----A---- C:\Windows\system32\nvopencl.dll
2018-07-26 16:37:33 ----A---- C:\Windows\system32\nvoglv32.dll
2018-07-26 16:37:33 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2018-07-26 16:37:33 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2018-07-26 16:37:33 ----A---- C:\Windows\system32\nvdispgenco3236519.dll
2018-07-26 16:37:33 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2018-07-26 16:37:32 ----A---- C:\Windows\system32\nvdispco3236519.dll
2018-07-26 16:37:32 ----A---- C:\Windows\system32\nvd3dum.dll
2018-07-26 16:37:32 ----A---- C:\Windows\system32\nvcuvid.dll
2018-07-26 16:37:32 ----A---- C:\Windows\system32\nvcuda.dll
2018-07-26 16:37:29 ----A---- C:\Windows\system32\nvcompiler.dll
2018-07-26 16:37:29 ----A---- C:\Windows\system32\nvapi.dll
2018-07-26 16:32:29 ----D---- C:\NVIDIA
2018-07-26 16:00:51 ----D---- C:\ProgramData\Battle.net
2018-07-26 15:40:29 ----D---- C:\GvTemp
2018-07-26 15:36:02 ----ASH---- C:\hiberfil.sys
2018-07-26 15:20:17 ----D---- C:\Program Files\GIGABYTE

======List of files/folders modified in the last 1 month======

2018-08-13 10:00:15 ----D---- C:\Windows\Temp
2018-08-13 09:54:59 ----RD---- C:\Program Files
2018-08-13 09:13:32 ----D---- C:\Windows\system32\Tasks
2018-08-13 09:12:39 ----D---- C:\Program Files\CCleaner
2018-08-13 08:59:22 ----SHD---- C:\Windows\Installer
2018-08-13 08:58:47 ----SHD---- C:\System Volume Information
2018-08-13 08:37:52 ----D---- C:\ProgramData\Origin
2018-08-13 08:37:22 ----D---- C:\Users\Lenka\AppData\Roaming\vlc
2018-08-12 19:08:39 ----D---- C:\Windows\inf
2018-08-12 14:35:59 ----D---- C:\Windows
2018-08-12 11:54:33 ----D---- C:\Windows\System32
2018-08-12 11:54:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-08-10 14:37:27 ----D---- C:\Windows\SoftwareDistribution
2018-08-10 14:37:25 ----D---- C:\Windows\Minidump
2018-08-10 14:30:31 ----D---- C:\AdwCleaner
2018-08-05 11:32:23 ----D---- C:\Program Files\Mozilla Firefox
2018-08-04 18:04:37 ----D---- C:\Program Files\Google
2018-07-30 15:28:41 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2018-07-30 15:28:38 ----D---- C:\Windows\system32\Macromed
2018-07-26 16:44:38 ----D---- C:\Windows\system32\catroot
2018-07-26 16:43:57 ----D---- C:\Windows\system32\drivers
2018-07-26 16:43:17 ----D---- C:\temp
2018-07-26 16:43:14 ----HD---- C:\ProgramData
2018-07-26 16:42:38 ----D---- C:\Windows\Help
2018-07-26 16:42:38 ----D---- C:\Program Files\NVIDIA Corporation
2018-07-26 16:41:14 ----D---- C:\ProgramData\NVIDIA Corporation
2018-07-26 16:40:19 ----D---- C:\Windows\system32\catroot2
2018-07-26 15:21:37 ----HD---- C:\Program Files\InstallShield Installation Information
2018-07-17 00:02:15 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-10-29 320120]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-10-31 20624]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2016-10-26 140272]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2015-05-05 37896]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-12-10 243128]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2016-10-26 115600]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [2013-06-10 63816]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-05-10 1775712]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2016-05-10 170128]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2016-05-10 10720312]
R3 ROCKEYNT;Feitian ROCKEY4 Device Service; C:\Windows\system32\DRIVERS\Rockey4.sys [2012-02-11 26976]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2010-06-23 259176]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae.sys []
S2 MBAMChameleon;MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys []
S3 a4a3irau;a4a3irau; C:\Windows\system32\drivers\a4a3irau.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2007-08-20 27672]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2008-12-08 16608]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
S3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtport.sys []
S3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys []
S3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmodem.sys []
S3 MBAMProtection;MBAMProtection; \??\C:\Windows\system32\drivers\mbam.sys []
S3 MBAMWebProtection;MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys []
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2016-10-26 470600]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2016-10-26 470600]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [2018-02-12 310096]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [2013-06-10 384840]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-06-15 931896]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-06-15 1881144]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-05-10 908344]
R2 Printer Control;Printer Control; C:\Windows\system32\PrintCtrl.exe [2009-10-28 65536]
R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\system32\PSIService.exe [2007-06-05 177704]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-12 772296]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [2016-10-26 970632]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2016-10-26 1253352]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files\BlueStacks\HD-Service.exe [2013-06-10 393032]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 gupdate1ca5eefa774ed9c;Služba Google Update (gupdate1ca5eefa774ed9c); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-30 335872]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-12 45744]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-02-12 85096]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-02-11 1045328]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-13 194104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2018-04-13 174032]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2018-05-25 2167056]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Check

#2 Post by Conder »

Hi :)

:arrow: Please note that Windows Vista is no longer a supported system.

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View log file)
  • The log will open; copy its contents here
:arrow: If the latest version of AdwCleaner will not run, use these tools:
:arrow: Download AdwCleaner 6.046 (the last version compatible with WinXP): https://filehippo.com/download_adwcleaner/74895/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Scan and wait for it to finish
  • Click Clean and confirm by clicking OK
  • AdwCleaner will ask to restart the PC; confirm by clicking OK
  • After it finishes and the PC restarts, a log will pop up; copy its contents here
:arrow: Download Junkware Removal Tool (JRT): https://downloads.malwarebytes.com/file/JRT-EOL/
  • Save it to the desktop and close all programs
  • Run JRT as administrator
  • Press any key to start the cleaning
  • When it finishes, a log will open; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

nysa
Visitor
Posts: 23
Registered: 16 Sep 2014 16:21

Re: Check

#3 Post by nysa »

I plan to upgrade the system in the near future.

# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-08-10.2
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 08-13-2018
# Duration: 00:00:40
# OS: Windows Vista (TM) Home Premium
# Scanned: 41771
# Detected: 6


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C63EC41A-4C53-4961-961D-76EF2BF5A8BC}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DRIVERTOOLKIT AUTORUN

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy Managera
PUP.Optional.Legacy Extutil
PUP.Optional.uTorrentTB pacgpkgadgmibnhpdidcnfafllnmeomc
PUP.Optional.uTorrentTB pacgpkgadgmibnhpdidcnfafllnmeomc

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1953 octets] - [10/08/2018 14:30:31]
AdwCleaner[C00].txt - [1991 octets] - [10/08/2018 14:31:18]
AdwCleaner[S01].txt - [25602 octets] - [13/08/2018 09:05:19]
AdwCleaner[C01].txt - [23085 octets] - [13/08/2018 09:06:08]
AdwCleaner[S02].txt - [1919 octets] - [13/08/2018 09:11:50]
AdwCleaner[C02].txt - [1993 octets] - [13/08/2018 09:13:32]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Check

#4 Post by Conder »

:arrow: The threats found in AdwCleaner still need to be removed.

:arrow: Please post both FRST logs following this guide (FRST.txt and Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

:arrow: If FRSTLauncher cannot be downloaded or run, use just FRST on its own.

:arrow: If the logs do not fit into one post, pack them into a RAR or ZIP archive and send them as an attachment.

nysa
Visitor
Posts: 23
Registered: 16 Sep 2014 16:21

Re: Check

#5 Post by nysa »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02.08.2018
Ran by Lenka (administrator) on NASPC (13-08-2018 20:29:44)
Running from C:\Users\Lenka\Desktop
Loaded Profiles: Lenka (Available Profiles: Lenka & Petra & TaĹĄka & TuÄŤka & Guest)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
() C:\Windows\System32\PSIService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avscan.exe
(forum.viry.cz) C:\Users\Lenka\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4468736 2007-05-10] (Realtek Semiconductor)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [831576 2016-10-26] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [67040 2018-02-12] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [296056 2012-05-18] (RealNetworks, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2018-07-26]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files\GIGABYTE\GIGABYTE OC_GURU II\Launcher.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\Users\TuÄŤka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk [2017-11-17]
ShortcutTarget: OpenOffice.org 3.0.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (SpoleÄŤnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 84.16.110.129 84.16.96.2
Tcpip\..\Interfaces\{D685CB04-1893-4C1C-8FE7-5080986A74B6}: [DhcpNameServer] 84.16.110.129 84.16.96.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-667600844-4042081094-1971980655-1003\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-05-18] (RealPlayer)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

FireFox:
========
FF DefaultProfile: 6dilfgky.default
FF ProfilePath: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default [2018-08-13]
FF Homepage: Mozilla\Firefox\Profiles\6dilfgky.default -> about:home
FF Extension: (Flash Video Downloader) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\artur.dubovoy@gmail.com.xpi [2018-08-10]
FF Extension: (Cooliris) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\piclens@cooliris.com [2012-02-10] [Legacy] [not signed]
FF Extension: (Google Translator for Firefox) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\translator@zoli.bod.xpi [2017-08-31] [Legacy]
FF Extension: (Microsoft .NET Framework Assistant) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-07-17] [Legacy] [not signed]
FF Extension: (Stylish) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2017-08-31] [Legacy]
FF Extension: (Ultimate Finder) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} [2014-10-16] [Legacy] [not signed]
FF Extension: (Adblock Plus) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-08-10]
FF ProfilePath: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\kpmt7ry8.namozilu [2017-09-01]
FF Homepage: Mozilla\Firefox\Profiles\kpmt7ry8.namozilu -> about:home
FF NewTab: Mozilla\Firefox\Profiles\kpmt7ry8.namozilu -> about:newtab
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-06-15] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: (RealPlayer Browser Record Plugin) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2016-02-13] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-30] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2012-05-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll [2012-05-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-05-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-05-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2012-05-18] (RealPlayer)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-25] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-25] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-667600844-4042081094-1971980655-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lenka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-27] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-667600844-4042081094-1971980655-1003: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-11-29] ()
FF Plugin HKU\S-1-5-21-667600844-4042081094-1971980655-1003: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default [2017-12-09]
CHR Extension: (Last.fm free music player) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbncpldmanoknoahidbgmkgobgmhnafh [2014-09-22]
CHR Extension: (AdBlock) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-12-24]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-07-01]
CHR Extension: (Peněženka Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-01]
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Guest Profile [2015-08-26]
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 1 [2015-08-26]
CHR Extension: (Avira Browser Safety) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-12-11]
CHR Extension: (No Name) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-06-11]
CHR Extension: (Google Wallet) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-11]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-12-11]
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 2 [2015-08-26]
CHR Extension: (Avira Browser Safety) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-12-11]
CHR Extension: (No Name) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-06-12]
CHR Extension: (Google Wallet) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-11]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-12-11]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-06-16]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-07-30] (Adobe Systems Incorporated) [File not signed]
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [970632 2016-10-26] (Avira Operations GmbH & Co. KG) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [470600 2016-10-26] (Avira Operations GmbH & Co. KG) [File not signed]
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [470600 2016-10-26] (Avira Operations GmbH & Co. KG) [File not signed]
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1253352 2016-10-26] (Avira Operations GmbH & Co. KG) [File not signed]
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [310096 2018-02-12] (Avira Operations GmbH & Co. KG)
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [393032 2013-06-10] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [384840 2013-06-10] (BlueStack Systems, Inc.)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1045328 2012-02-11] (Flexera Software, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [931896 2016-06-15] (NVIDIA Corporation)
S2 gupdate1ca5eefa774ed9c; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2167056 2018-05-25] (Electronic Arts)
R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [65536 2009-10-28] (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) [File not signed]
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [20624 2012-10-31] (AVAST Software)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [115600 2016-10-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140272 2016-10-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [63816 2013-06-10] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-12-10] (Disc Soft Ltd)
S3 ENTECH; C:\Windows\system32\DRIVERS\ENTECH.sys [27672 2007-08-20] (EnTech Taiwan)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (SpoleÄŤnost Microsoft)
S3 gdrv; C:\Windows\gdrv.sys [16608 2008-12-08] (Windows (R) 2000 DDK provider)
S3 k750bus; C:\Windows\System32\DRIVERS\k750bus.sys [55216 2005-02-11] (MCCI)
S3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (SpoleÄŤnost Microsoft)
R3 ROCKEYNT; C:\Windows\System32\DRIVERS\Rockey4.sys [26976 2012-02-11] (Feitian Technologies Co., Ltd.)
S4 secdrv; C:\Windows\system32\Drivers\secdrv.sys [163644 2017-08-31] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2014-10-29] (Duplex Secure Ltd.)
U3 aaymuygo; C:\Windows\system32\Drivers\aaymuygo.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S1 ESProtectionDriver; \??\C:\Windows\system32\drivers\mbae.sys [X]
S3 LgBttPort; system32\DRIVERS\lgbtport.sys [X]
S3 lgbusenum; system32\DRIVERS\lgbtbus.sys [X]
S3 LGVMODEM; system32\DRIVERS\lgvmodem.sys [X]
S2 MBAMChameleon; \SystemRoot\system32\drivers\MBAMChameleon.sys [X]
S3 MBAMProtection; \??\C:\Windows\system32\drivers\mbam.sys [X]
S3 MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error(1) reading file: "C:\Users\Petra\Desktop\pája staví .. ... "
Error(1) reading file: "C:\Users\Petra\Desktop\pája staví .. "
2018-08-13 20:29 - 2018-08-13 20:30 - 000019277 _____ C:\Users\Lenka\Desktop\FRST.txt
2018-08-13 20:28 - 2018-08-13 20:28 - 000112640 _____ (forum.viry.cz) C:\Users\Lenka\Desktop\FRSTLauncher.exe
2018-08-13 20:24 - 2018-08-13 20:24 - 001773056 _____ (Farbar) C:\Users\Lenka\Desktop\FRST.exe
2018-08-13 20:09 - 2018-08-13 20:09 - 007417040 _____ (Malwarebytes) C:\Users\Lenka\Downloads\adwcleaner_7.2.2(1).exe
2018-08-13 09:54 - 2018-08-13 10:00 - 000000000 ____D C:\Program Files\trend micro
2018-08-13 09:54 - 2018-08-13 09:55 - 000000000 ____D C:\rsit
2018-08-13 09:54 - 2018-08-13 09:54 - 001107968 _____ C:\Users\Lenka\Downloads\RSIT.exe
2018-08-12 18:41 - 2018-08-12 18:41 - 000000857 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2018-08-12 18:41 - 2018-08-12 18:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2018-08-12 18:41 - 2018-08-12 18:41 - 000000000 ____D C:\Program Files\CPUID
2018-08-12 18:40 - 2018-08-12 18:40 - 001803392 _____ (CPUID, Inc. ) C:\Users\Lenka\Downloads\cpu-z_1.86-en.exe
2018-08-10 14:29 - 2018-08-10 14:29 - 007417040 _____ (Malwarebytes) C:\Users\Lenka\Downloads\adwcleaner_7.2.2.exe
2018-08-10 13:55 - 2018-08-13 16:40 - 000000000 ____D C:\Users\Lenka\AppData\Local\CrashDumps
2018-08-10 13:54 - 2018-08-10 13:54 - 000000000 ____D C:\Users\Lenka\AppData\Roaming\NVIDIA
2018-08-10 13:52 - 2018-08-10 13:53 - 033411072 _____ C:\Users\Lenka\Downloads\EpicInstaller-7.14.2.msi
2018-08-04 18:04 - 2018-08-04 18:04 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2018-07-30 14:59 - 2018-08-05 11:26 - 000000000 ____D C:\Users\Petra\Documents\temp
2018-07-29 15:12 - 2018-07-29 15:12 - 000000000 ____D C:\Users\TuÄŤka\AppData\Local\CrashDumps
2018-07-29 11:05 - 2018-07-29 11:05 - 000000000 ____D C:\Users\TuÄŤka\AppData\Local\NVIDIA
2018-07-26 16:43 - 2018-07-26 16:43 - 000000000 ____D C:\ProgramData\NVIDIA
2018-07-26 16:43 - 2018-07-26 16:43 - 000000000 ____D C:\Program Files\VulkanRT
2018-07-26 16:43 - 2016-05-04 04:23 - 000129824 _____ C:\Windows\system32\vulkan-1.dll
2018-07-26 16:43 - 2016-05-04 04:22 - 000040224 _____ C:\Windows\system32\vulkaninfo.exe
2018-07-26 16:42 - 2016-05-10 05:46 - 000203320 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 003948480 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 002590656 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 002563128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 000908344 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2018-07-26 16:42 - 2016-05-10 01:45 - 000436672 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 000381888 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 000083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 000068544 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-07-26 16:42 - 2016-05-06 15:48 - 006423191 _____ C:\Windows\system32\nvcoproc.bin
2018-07-26 16:37 - 2016-05-10 19:43 - 000926520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco3220103.dll
2018-07-26 16:37 - 2016-05-10 19:43 - 000170128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys
2018-07-26 16:37 - 2016-05-10 19:43 - 000035984 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 037569080 _____ C:\Windows\system32\nvcompiler.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 025344960 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 017768992 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 017362992 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 016449424 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 014129544 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 010720312 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-07-26 16:37 - 2016-05-10 05:46 - 008674064 _____ C:\Windows\system32\nvptxJitCompiler.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 003286480 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 002810936 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 001068600 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3236519.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 000925752 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3236519.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 000571912 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 000379448 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 000031406 _____ C:\Windows\system32\nvinfo.pb
2018-07-26 16:37 - 2016-05-10 05:46 - 000000592 _____ C:\Windows\system32\nv-vk32.json
2018-07-26 16:32 - 2018-07-26 16:32 - 000000000 ____D C:\NVIDIA
2018-07-26 16:24 - 2018-07-26 16:29 - 282594864 _____ (NVIDIA Corporation) C:\Users\Lenka\Downloads\365.19-desktop-win8-win7-winvista-32bit-international-whql.exe
2018-07-26 16:14 - 2018-07-26 16:14 - 004703728 _____ (Blizzard Entertainment) C:\Users\Lenka\Downloads\Battle.net-Setup(3).exe
2018-07-26 16:11 - 2018-07-26 16:11 - 004703728 _____ (Blizzard Entertainment) C:\Users\Lenka\Downloads\Battle.net-Setup(2).exe
2018-07-26 16:01 - 2018-07-26 16:01 - 000000000 ____D C:\Users\Lenka\AppData\Local\Blizzard
2018-07-26 16:00 - 2018-07-26 16:01 - 000000000 ____D C:\ProgramData\Battle.net
2018-07-26 16:00 - 2018-07-26 16:00 - 004703728 _____ (Blizzard Entertainment) C:\Users\Lenka\Downloads\Battle.net-Setup(1).exe
2018-07-26 15:59 - 2018-07-26 16:00 - 004703728 _____ (Blizzard Entertainment) C:\Users\Lenka\Downloads\Battle.net-Setup.exe
2018-07-26 15:47 - 2018-07-26 15:47 - 000000000 ____D C:\Users\Lenka\AppData\Local\Nvidia Corporation
2018-07-26 15:40 - 2018-08-13 08:17 - 000000000 ____D C:\Users\Lenka\Documents\temp
2018-07-26 15:40 - 2018-07-26 15:40 - 000000000 ____D C:\GvTemp
2018-07-26 15:38 - 2018-07-26 15:46 - 000000000 ____D C:\Users\Lenka\AppData\Local\NVIDIA
2018-07-26 15:34 - 2018-07-26 15:45 - 000001170 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-07-26 15:20 - 2018-07-26 15:20 - 000001970 _____ C:\Users\Public\Desktop\GIGABYTE OC_GURU.lnk
2018-07-26 15:20 - 2018-07-26 15:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2018-07-26 15:20 - 2018-07-26 15:20 - 000000000 ____D C:\Program Files\GIGABYTE

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-13 20:29 - 2017-08-31 14:01 - 000000000 ____D C:\FRST
2018-08-13 20:28 - 2017-08-31 11:34 - 000000000 ____D C:\Users\Lenka\AppData\LocalLow\Mozilla
2018-08-13 20:13 - 2006-11-02 15:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-13 20:13 - 2006-11-02 14:47 - 000003664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-13 20:13 - 2006-11-02 14:47 - 000003664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-13 20:12 - 2006-11-02 15:01 - 000032562 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-08-13 16:43 - 2014-12-24 13:02 - 000000000 ____D C:\ProgramData\Origin
2018-08-13 13:31 - 2017-12-09 15:22 - 000022528 _____ C:\Users\Lenka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-08-13 11:21 - 2009-12-30 14:11 - 000000000 ____D C:\Users\Lenka\AppData\Roaming\vlc
2018-08-13 10:36 - 2010-01-17 10:47 - 000000000 ____D C:\Users\Lenka\AppData\Roaming\dvdcss
2018-08-13 09:12 - 2015-07-25 18:58 - 000000804 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-08-13 09:12 - 2011-04-17 19:06 - 000000000 ____D C:\Program Files\CCleaner
2018-08-12 19:08 - 2006-11-02 13:18 - 000000000 ____D C:\Windows\inf
2018-08-12 11:54 - 2008-01-21 08:47 - 001541246 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-12 11:54 - 2008-01-21 08:46 - 000648308 _____ C:\Windows\system32\perfh005.dat
2018-08-12 11:54 - 2008-01-21 08:46 - 000138914 _____ C:\Windows\system32\perfc005.dat
2018-08-10 14:42 - 2011-04-17 19:07 - 000000000 ____D C:\Users\Lenka\Documents\registry
2018-08-10 14:37 - 2009-11-08 12:34 - 000000000 ____D C:\Windows\Minidump
2018-08-10 14:30 - 2017-08-31 17:16 - 000000000 ____D C:\AdwCleaner
2018-08-05 11:44 - 2017-02-20 16:20 - 000000000 ____D C:\Users\Tučka\AppData\LocalLow\Mozilla
2018-08-05 11:32 - 2017-08-20 14:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-08-04 18:04 - 2017-09-08 13:40 - 000002067 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2018-08-04 18:04 - 2009-01-24 21:33 - 000000000 ____D C:\Program Files\Google
2018-07-30 15:28 - 2012-06-10 11:19 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2018-07-30 15:28 - 2012-06-10 11:19 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2018-07-30 15:28 - 2008-11-06 15:25 - 000000000 ____D C:\Windows\system32\Macromed
2018-07-26 16:44 - 2008-12-08 19:05 - 000000000 ____D C:\Users\Lenka
2018-07-26 16:43 - 2010-04-14 18:44 - 000000000 ____D C:\temp
2018-07-26 16:42 - 2012-12-02 10:30 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-07-26 16:42 - 2006-11-02 13:18 - 000000000 ____D C:\Windows\Help
2018-07-26 16:41 - 2012-12-02 10:34 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-07-26 16:30 - 2009-06-24 15:09 - 000000000 ____D C:\Users\Lenka\Documents\Electronic Arts
2018-07-26 15:34 - 2008-12-08 21:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-07-26 15:27 - 2012-12-02 10:36 - 000000000 ____D C:\Users\UpdatusUser
2018-07-26 15:21 - 2008-11-06 14:28 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2018-07-26 15:13 - 2010-06-21 14:35 - 000001356 _____ C:\Users\Lenka\AppData\Local\d3d9caps.dat
2018-07-17 00:02 - 2009-10-03 08:25 - 000480888 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2015-08-27 12:29 - 2015-08-27 12:29 - 000128626 _____ () C:\Users\Petra\cc_20150827_122906.reg
2015-08-27 12:38 - 2015-08-27 12:38 - 000324580 _____ () C:\Users\Taťka\cc_20150827_123831.reg
2015-08-27 12:39 - 2015-08-27 12:39 - 000000788 _____ () C:\Users\Taťka\cc_20150827_123902.reg
2015-08-27 12:43 - 2015-08-27 12:43 - 000110996 _____ () C:\Users\Tučka\cc_20150827_124257.reg
2014-10-29 16:27 - 2014-10-29 16:28 - 000005960 _____ () C:\Program Files\log.txt
2009-10-17 19:04 - 2010-10-02 15:41 - 000000141 _____ () C:\Users\Lenka\AppData\Roaming\default.rss
2008-12-16 20:17 - 2008-12-16 20:17 - 000000235 _____ () C:\Users\Lenka\AppData\Roaming\devices.xml
2008-12-16 20:17 - 2008-12-16 20:17 - 000000012 _____ () C:\Users\Lenka\AppData\Roaming\settings.xml
2010-06-21 14:35 - 2018-07-26 15:13 - 000001356 _____ () C:\Users\Lenka\AppData\Local\d3d9caps.dat
2017-12-09 15:22 - 2018-08-13 13:31 - 000022528 _____ () C:\Users\Lenka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
2017-09-01 11:08 - 2017-09-01 11:08 - 000000000 ____D () C:\Users\Lenka\AppData\Local\Temp\avgnt.exe
2015-01-05 17:32 - 2016-02-13 20:24 - 000000000 ____D () C:\Users\Petra\AppData\Local\Temp\avgnt.exe
2015-11-13 14:07 - 2015-11-28 12:06 - 033860608 _____ () C:\Users\Petra\AppData\Local\Temp\SkypeSetup.exe
2015-03-08 15:37 - 2015-03-08 15:37 - 000000000 ____D () C:\Users\Taťka\AppData\Local\Temp\avgnt.exe
2015-01-08 18:37 - 2015-01-08 18:37 - 000000000 ____D () C:\Users\Tučka\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Lenka\Desktop" je 2 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent
C:\Program Files\BlueStacks\HD-Agent.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core
"C:\Program Files\Electronic Arts\EADM\Core.exe" -silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files\iTunes\iTunesHelper.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jing
C:\Program Files\TechSmith\Jing\Jing.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LG LinkAir
C:\Program Files\PeerBlock\peerblock.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PeerBlock
C:\Windows\system32\PrintDisp.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrintDisp
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
Režim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Network Server.lnk
C:\PROGRA~1\WIBUKEY\Server\WkSvMgr.exe [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02.08.2018
Ran by Lenka (13-08-2018 20:30:28)
Running from C:\Users\Lenka\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2008-12-08 16:57:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-667600844-4042081094-1971980655-500 - Administrator - Disabled)
Guest (S-1-5-21-667600844-4042081094-1971980655-501 - Limited - Disabled) => C:\Users\Guest
Lenka (S-1-5-21-667600844-4042081094-1971980655-1003 - Administrator - Enabled) => C:\Users\Lenka
Petra (S-1-5-21-667600844-4042081094-1971980655-1004 - Administrator - Enabled) => C:\Users\Petra
Taťka (S-1-5-21-667600844-4042081094-1971980655-1005 - Limited - Enabled) => C:\Users\Taťka
Tučka (S-1-5-21-667600844-4042081094-1971980655-1263 - Limited - Enabled) => C:\Users\Tučka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Activation (Nero 9 HD) (HKLM\...\{a63187f6-6aea-41ea-a218-22f943beb67e}) (Version: - Nero AG)
Activation (Nero BackItUp 4) (HKLM\...\{d6c05fd4-eefa-493c-8904-2b7fa22b9ab6}) (Version: - Nero AG)
Activation (Nero MediaHome 4) (HKLM\...\{a130e290-dac7-462d-a533-4437efdbadb8}) (Version: - Nero AG)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}) (Version: 1.0 - Microsoft Corporation) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe Flash Player 30 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (HKLM\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)
Advertising Center (HKLM\...\{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}) (Version: 0.0.0.1 - Nero AG) Hidden
Aktualizace NVIDIA 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_PROR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_PROR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_PROR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ArchiCAD 16 CZE (HKLM\...\001FFF1FFF16FF00FF1101F01F02F000-R1) (Version: 16.0 - GRAPHISOFT)
Artlantis Studio 4.0 (HKLM\...\Artlantis Studio 4) (Version: 4.0.14 - Abvent R&D)
ArtRage Studio Pro (HKLM\...\{43F81BD1-10E1-4CCE-BCAF-E3100F039D6B}) (Version: 3.0.7 - Ambient Design)
Audiosurf (HKLM\...\{6D316D67-DA52-4659-9C98-F479963534D6}) (Version: 1.00.0000 - BestGameEver)
AutoCAD 2012 - Czech (HKLM\...\{5783F2D7-A001-0405-0002-0060B0CE6BBA}) (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2012 - Czech (HKLM\...\AutoCAD 2012 - Czech) (Version: 18.2.51.0 - Autodesk)
AutoCAD 2012 Language Pack - Czech (HKLM\...\{5783F2D7-A001-0405-1002-0060B0CE6BBA}) (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD Architecture 2009 - Český (HKLM\...\{5783F2D7-7004-0405-0002-0060B0CE6BBA}) (Version: 5.7.68.0 - Autodesk) Hidden
AutoCAD Architecture 2009 - Český (HKLM\...\AutoCAD Architecture 2009 - Český) (Version: 5.7.68.0 - Autodesk)
Autodesk Content Service (HKLM\...\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}) (Version: 2.0.90 - Autodesk)
Autodesk Material Library 2012 (HKLM\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.19.164 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM\...\{18C7265D-7754-457D-83A4-492A62F02591}) (Version: 1.1.68.2326 - Avira Operations GmbH & Co. KG) Hidden
Avira Launcher (HKLM\...\{b7a1a821-b592-485a-886c-b744b4dbe004}) (Version: 1.1.68.2326 - Avira Operations GmbH & Co. KG)
BlueStacks Notification Center (HKLM\...\{6397E61B-A6B5-4479-85A4-0F746D6B328F}) (Version: 0.7.13.899 - BlueStack Systems, Inc.)
Blu-ray Disc Authoring Plug-in (HKLM\...\{f58e0570-b3da-4f53-95cf-22de5b19b67a}) (Version: - Nero AG)
Blu-ray Video Plug-in (HKLM\...\{c9d9a0e0-fdbb-40c2-b73a-b094456dd019}) (Version: - Nero AG)
Blu-ray/HD DVD Video Plug-in (HKLM\...\{25d95fb5-6ca8-4357-87ce-1f4ad0ffcdb3}) (Version: - Nero AG)
CADKON-2D 2009.1 (HKLM\...\{0ABCECAD-0600-0400-0100-0ABCECAD0090}) (Version: 13.10.0000 - AB Studio) Hidden
CADKON-2D 2009.1 pro ACD-A 2009 (HKLM\...\InstallShield_{0ABCECAD-0600-0400-0100-0ABCECAD0090}) (Version: 13.10.0000 - AB Studio)
capella 7 (HKLM\...\{805309CD-4AE4-4587-9EEA-03148871A414}) (Version: 7.1.14 - capella software AG)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Connect (HKLM\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Corel Painter Essentials 4 (HKLM\...\_{53A908D4-99C6-469B-BC13-F4189F260742}) (Version: - Corel Corporation)
Corel Painter Essentials 4 (HKLM\...\{53A908D4-99C6-469B-BC13-F4189F260742}) (Version: 4.0 - Corel Corporation) Hidden
CPUID CPU-Z 1.86 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.86 - CPUID, Inc.)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DolbyFiles (HKLM\...\{56BE5CC9-95E6-4128-ABEA-968414CA9C80}) (Version: 2.0 - Nero AG) Hidden
Dropbox (HKU\S-1-5-21-667600844-4042081094-1971980655-1003\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
Frets On Fire (HKLM\...\Frets on Fire) (Version: 1.3.110-win32 - )
GIGABYTE OC_GURU II (HKLM\...\{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.96.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
GIGABYTE OC_GURU II (HKLM\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.96.0000 - GIGABYTE Technology Co.,Ltd.)
Google Drive (HKLM\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Earth Pro (HKLM\...\{BF354C72-AC4C-4A87-8D42-B089862BAE58}) (Version: 7.3.2.5491 - Google)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Gracenote Plug-in (HKLM\...\{dbd178fc-63fc-456f-aeb8-5389771e5b9c}) (Version: - Nero AG)
ICQ7.4 (HKLM\...\{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}) (Version: 7.4 - ICQ)
ImagXpress (HKLM\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
kuler (HKLM\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Livestream for Producers (HKLM\...\{53466613-9260-4814-AE66-7F3A3FA978D3}) (Version: 0.0.64 - Livestream)
Mesh Runtime (HKLM\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM\...\{B44F3823-52DD-45CA-A916-8B320778715D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office FrontPage 2003 (HKLM\...\{90170409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 52.7.3 ESR (x86 cs) (HKLM\...\Mozilla Firefox 52.7.3 ESR (x86 cs)) (Version: 52.7.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.7.3.6655 - Mozilla)
mp3PRO Plug-in (HKLM\...\{4dbf3958-5338-4d66-86e0-670c39dd3fc5}) (Version: - Nero AG)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero BackItUp 4 (HKLM\...\{e219f9a4-16b3-4816-82de-ffcb8599e734}) (Version: - Nero AG)
Nero InCD-Reader (HKLM\...\{8404580d-8c12-4f3c-9b19-b026251975ee}) (Version: - Nero AG)
Nero MediaHome 4 (HKLM\...\{e0b72183-d712-4a7e-97ad-7404bf3f8140}) (Version: - Nero AG)
Nero Move it (HKLM\...\{645271dd-9437-4ca0-b4a5-30f4590cff13}) (Version: - Nero AG)
Notová Osnova (HKLM\...\Notová Osnova) (Version: 1.00 - PC-MarKo)
NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 365.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 365.19 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice.org 3.0 (HKLM\...\{BE8BE32F-F595-4693-9F82-1E0A5A047BB6}) (Version: 3.0.9358 - OpenOffice.org)
Origin (HKLM\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 365.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 365.19 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Settings CS4 (HKLM\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.1 - Frank Heindörfer, Philip Chinery)
pdfforge Toolbar v9.6 (HKLM\...\{AA47ABA7-4F91-4B66-A03D-47CB1552F5E6}) (Version: 9.6 - Spigot, Inc.) <==== ATTENTION
PhotoFiltre (HKLM\...\PhotoFiltre) (Version: - )
Photoshop Camera Raw (HKLM\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 15.0) (Version: 15.0.4 - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5413 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (HKLM\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
SecurDisc Viewer (HKLM\...\{ea720de1-d14a-4e88-9878-61db27e1d103}) (Version: - Nero AG)
Segoe UI (HKLM\...\{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}) (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
SketchUp 2013 (HKLM\...\{72B622C9-AA10-47D7-A10C-377CF9BC8502}) (Version: 13.0.4124 - Trimble Navigation Limited)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Suite Shared Configuration CS4 (HKLM\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
SweetIM for Messenger 3.0 (HKLM\...\{F81415D2-CEC9-4F96-9ABA-B2CC5382A930}) (Version: 3.0.0004 - SweetIM Technologies Ltd.) <==== ATTENTION
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Sims™ 4 (HKLM\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.45.62.1020 - Electronic Arts Inc.)
Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-667600844-4042081094-1971980655-1003\...\UnityWebPlayer) (Version: 4.5.4f2 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Manager (HKLM\...\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}) (Version: 4.60 - Corel Corporation) Hidden
VBA (2627.01) (HKLM\...\{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2720) (HKLM\...\{1727CD47-A408-11d2-AFAD-00C04F72FB3E}) (Version: 6.01.00.1234 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (HKLM\...\{3921A67A-5AB1-4E48-9444-C71814CF3027}) (Version: 1.0.0 - Nero AG) Hidden
Vegas Pro 10.0 (HKLM\...\{5AC11070-A1CB-11E0-A0DC-0013D3D69929}) (Version: 10.0.737 - Sony)
VLC media player 1.0.1 (HKLM\...\VLC media player) (Version: 1.0.1 - VideoLAN Team)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WinDirStat 1.1.2 (HKU\S-1-5-21-667600844-4042081094-1971980655-1003\...\WinDirStat) (Version: - )
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Zkušební verze produktu Microsoft Office Professional 2007 (HKLM\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Zoo Tycoon 2 (HKLM\...\Zoo Tycoon 2) (Version: 1.0 - Microsoft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{037FB476-15E0-4ED1-B11A-E420B750B1A8}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{09D5408E-9690-46E3-B0CA-9A7A36FEF2A5}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}\InprocServer32 -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{2837E0FE-686B-4CB0-BE53-0EA097EAF71B}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Program Files\AutoCAD Architecture 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{2F1F7574-ECCA-4361-B4DE-C411BF7EEE23}\localserver32 -> C:\Program Files\AutoCAD Architecture 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Lenka\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{517C01D5-4E55-5627-A7A6-C680043FD3AF}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{5AFAFE48-7107-4FE5-B21A-86A4254541DD}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{5B7524C8-2446-40E9-9474-94A779DBA224}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{621D3650-F1D3-414C-97F9-03A02B211261}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{623E415A-22EF-4DAA-A2FF-E68E77A673C9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{6AB55F46-2523-4701-A912-B226F46252BA}\localserver32 -> C:\Program Files\AutoCAD Architecture 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Program Files\AutoCAD Architecture 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{885BB46A-3F1E-44C3-A01B-A7D9260CC98B}\InprocServer32 -> C:\Windows\Downloaded Program Files\dwusplay.dll (InstallShield Software Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{915C2CEB-216B-4B7C-89E4-9ED3512D58D9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{92C5E738-7372-4CD6-BE57-15833624EBF3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{9CAAD2EA-177B-4D07-871F-47255B5D30F3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{AAC30F99-D832-421A-BCEE-B699491916AA}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{B391A1DB-28C8-4506-A43C-5BD6051F16BA}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{E42CE23D-69F9-480A-A15F-BFF5E4D170C3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{E50C953D-311A-481B-8F8D-C55E65AF7417}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{E9880553-B8A7-4960-A668-95C68BED571E}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{E9A93328-79D4-4AED-A778-146E7191F8BC}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{F1522EC1-F84F-4CE2-A38C-F9384B0DFD41}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FFF2D28F-E4EE-44D9-8104-8E71556757F6}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2011-02-04] (Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2011-02-04] (Autodesk)
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll [2008-09-29] (Nero AG)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google)
ContextMenuHandlers1: [PSPad] -> {8903F6C9-25E3-40AC-A98F-E6D35CD0469C} => C:\Program Files\PSPad editor\PSPadShell.dll [2008-03-30] ()
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\AntiVir Desktop\shlext.dll [2016-10-26] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2008-08-29] ()
ContextMenuHandlers2: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers3: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2008-08-29] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-05-10] (NVIDIA Corporation)
ContextMenuHandlers5: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\AntiVir Desktop\shlext.dll [2016-10-26] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2008-08-29] ()
ContextMenuHandlers1_S-1-5-21-667600844-4042081094-1971980655-1003: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-667600844-4042081094-1971980655-1003: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-667600844-4042081094-1971980655-1003: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C3AF200-FADC-49E5-880E-DEE192C8B79A} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-21] (Společnost Microsoft)
Task: {1208743E-61F8-4539-833C-3A9C5E392DCB} - System32\Tasks\{F59721B4-1D55-4D49-967D-72B793B03CD9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Common Files\Nero\Uninstall\setupx.exe" -c /uninstall ExtraUninstallID=""
Task: {1468EA04-10F8-4B40-9BFE-6FD2E583C18F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [2018-07-30] (Adobe Systems Incorporated)
Task: {220D5908-8889-492D-9774-14912EC3EC40} - System32\Tasks\{C2FF93A5-AC0E-4F3E-AE85-EE8061B48526} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Graphisoft\ArchiCAD 13\Uninstall.AC\uninstaller.exe"
Task: {3E5CAAA3-1768-4DA7-AAD9-149AA4939B5E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
Task: {407E4B8E-7A6F-4089-ACC0-F9D255019DE8} - System32\Tasks\{65AD4699-EFB5-4339-B1CF-C5F5E1AF16DE} => "c:\program files\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.1.0.105/cs/abandoninstall?page=tsProgressBar
Task: {5A2BBE63-CF07-45B5-A815-87CA7FD7CF22} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-667600844-4042081094-1971980655-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {66D54D8A-5312-4198-91A0-F839F452468C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {71441071-A4E9-4386-AF1E-A6AE1D89115C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-30] (Adobe Systems Incorporated)
Task: {7B0E8ABF-80CB-4405-BC90-7947360564B1} - System32\Tasks\RealCreateProcessScheduledTask10430913S-1-5-21-667600844-4042081094-1971980655-1003 => c:\program files\real\realplayer\update\realsched.exe [2012-05-18] (RealNetworks, Inc.)
Task: {7FE97D8A-4078-469B-9C1C-DD943661D1BD} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-667600844-4042081094-1971980655-1263 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {8DE3ADF5-C554-42F3-B323-F8F424FE5727} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe
Task: {8EE25BAE-4048-4B14-AEA6-C91C97201DEA} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-667600844-4042081094-1971980655-1006 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {8F16325C-7DC9-4B4E-83FF-2B2EF365F636} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-667600844-4042081094-1971980655-1263 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {8F1E24B0-EB89-4234-9236-7FD1FB985BF7} - System32\Tasks\{2C127F6F-4F23-4EFD-AD9C-A3D893B923C4} => C:\Program Files\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {9CEFCF6D-FA8C-4478-834B-878680125C08} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-667600844-4042081094-1971980655-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {9F5D61DB-3119-4E11-B290-961C874FE443} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-667600844-4042081094-1971980655-1005 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {AAB2883D-6DB7-408B-99BE-0DF70104D2AF} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-667600844-4042081094-1971980655-1006 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {AF0B2C89-9D36-41AF-B6BC-742D501AF699} - System32\Tasks\{2E99501F-84DB-441F-B5F6-CDEA7803299C} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe" -c REMOVESERIALNUMBER="9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A"
Task: {C63EC41A-4C53-4961-961D-76EF2BF5A8BC} - \DriverToolkit Autorun -> No File <==== ATTENTION
Task: {CD1114C0-0419-4425-87C1-C429BF6D6C4D} - System32\Tasks\{6A88973A-6E84-489B-BF99-A6E415345D96} => "C:\Program Files\Internet Explorer\IEXPLORE.EXE" hxxp://ui.skype.com/ui/0/7.1.0.105/cs/abandoninstall?page=tsProgressBar
Task: {DA8A523E-3155-4F3A-A892-CD0D987B204B} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-667600844-4042081094-1971980655-1003 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {E03463FB-A1CB-4FE8-8274-CE8B2DAA6EE9} - System32\Tasks\{D4E42282-B7C4-41DF-A1F7-4D869B5EA0BA} => "c:\program files\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.6.0.106/cs/abandoninstall?page=tsBing
Task: {E4E22FB1-F9E7-483C-B8CE-B4EB5531D159} - System32\Tasks\RealCreateProcessScheduledTask3228175S-1-5-21-667600844-4042081094-1971980655-1003 => c:\program files\real\realplayer\update\realsched.exe [2012-05-18] (RealNetworks, Inc.)
Task: {E833B7E7-DD4C-479A-BF51-B0E58FC1493F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd)
Task: {ED798D29-E0C8-4D5F-865F-8BC80243C3EB} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-667600844-4042081094-1971980655-1003 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {F1F6F137-E50E-49A3-9E62-40FDEF23C728} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {FE9BD8BA-4F06-4600-B2F7-2C983BCC545B} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-667600844-4042081094-1971980655-1005 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Check

#6 Post by Conder »

Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    File: C:\Windows\system32\napinsp.dll
    File: C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    File: C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
    File: C:\Program Files\Avira\AntiVir Desktop\sched.exe
    File: C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    File: C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
    File: C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    File: C:\Windows\system32\PrintCtrl.exe
    File: C:\Windows\system32\Drivers\secdrv.sys
    File: C:\Windows\system32\Drivers\aaymuygo.sys
    Folder: C:\GvTemp
    ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AA47ABA7-4F91-4B66-A03D-47CB1552F5E6}
    ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F81415D2-CEC9-4F96-9ABA-B2CC5382A930}
    
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
    HKU\S-1-5-21-667600844-4042081094-1971980655-1003\Software\Microsoft\Internet Explorer\Main,Start Page = 
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    FF Plugin HKU\S-1-5-21-667600844-4042081094-1971980655-1003: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
    U3 aaymuygo; C:\Windows\system32\Drivers\aaymuygo.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
    S1 ESProtectionDriver; \??\C:\Windows\system32\drivers\mbae.sys [X]
    S3 LgBttPort; system32\DRIVERS\lgbtport.sys [X]
    S3 lgbusenum; system32\DRIVERS\lgbtbus.sys [X]
    S3 LGVMODEM; system32\DRIVERS\lgvmodem.sys [X]
    S2 MBAMChameleon; \SystemRoot\system32\drivers\MBAMChameleon.sys [X]
    S3 MBAMProtection; \??\C:\Windows\system32\drivers\mbam.sys [X]
    S3 MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [X]
    S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
    S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]
    S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
    S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X]
    2018-08-13 09:54 - 2018-08-13 10:00 - 000000000 ____D C:\Program Files\trend micro
    2018-08-13 09:54 - 2018-08-13 09:55 - 000000000 ____D C:\rsit
    2018-08-13 09:54 - 2018-08-13 09:54 - 001107968 _____ C:\Users\Lenka\Downloads\RSIT.exe
    ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  -> No File
    ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> No File
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
    ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> No File
    Task: {C63EC41A-4C53-4961-961D-76EF2BF5A8BC} - \DriverToolkit Autorun -> No File <==== ATTENTION
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise there is a risk of damaging the system or losing data.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

nysa
Visitor
Posts: 23
Registered: 16 Sep 2014 16:21

Re: Check

#7 Post by nysa »

Fix result of Farbar Recovery Scan Tool (x86) Version: 02.08.2018
Ran by Lenka (14-08-2018 09:53:42) Run:1
Running from C:\Users\Lenka\Desktop
Loaded Profiles: Lenka (Available Profiles: Lenka & Petra & Taťka & Tučka & Guest)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

File: C:\Windows\system32\napinsp.dll
File: C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
File: C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
File: C:\Program Files\Avira\AntiVir Desktop\sched.exe
File: C:\Program Files\Avira\AntiVir Desktop\avguard.exe
File: C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
File: C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
File: C:\Windows\system32\PrintCtrl.exe
File: C:\Windows\system32\Drivers\secdrv.sys
File: C:\Windows\system32\Drivers\aaymuygo.sys
Folder: C:\GvTemp
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AA47ABA7-4F91-4B66-A03D-47CB1552F5E6}
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F81415D2-CEC9-4F96-9ABA-B2CC5382A930}

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-667600844-4042081094-1971980655-1003\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin HKU\S-1-5-21-667600844-4042081094-1971980655-1003: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
U3 aaymuygo; C:\Windows\system32\Drivers\aaymuygo.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S1 ESProtectionDriver; \??\C:\Windows\system32\drivers\mbae.sys [X]
S3 LgBttPort; system32\DRIVERS\lgbtport.sys [X]
S3 lgbusenum; system32\DRIVERS\lgbtbus.sys [X]
S3 LGVMODEM; system32\DRIVERS\lgvmodem.sys [X]
S2 MBAMChameleon; \SystemRoot\system32\drivers\MBAMChameleon.sys [X]
S3 MBAMProtection; \??\C:\Windows\system32\drivers\mbam.sys [X]
S3 MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X]
2018-08-13 09:54 - 2018-08-13 10:00 - 000000000 ____D C:\Program Files\trend micro
2018-08-13 09:54 - 2018-08-13 09:55 - 000000000 ____D C:\rsit
2018-08-13 09:54 - 2018-08-13 09:54 - 001107968 _____ C:\Users\Lenka\Downloads\RSIT.exe
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
Task: {C63EC41A-4C53-4961-961D-76EF2BF5A8BC} - \DriverToolkit Autorun -> No File <==== ATTENTION

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= File: C:\Windows\system32\napinsp.dll ========================

C:\Windows\system32\napinsp.dll
File is digitally signed
MD5: FC62A635063B762E1C3C60EA77279378
Creation and modification date: 2008-01-21 04:24 - 2008-01-21 04:24
Size: 000050176
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: napinsp.dll
Original Name: napinsp.dll
Product: Microsoft® Windows® Operating System
Description: E-mail Naming Shim Provider
File Version: 6.0.6001.18000 (longhorn_rtm.080118-1840)
Product Version: 6.0.6001.18000
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/file/9c7ade3 ... 530025124/

====== End of File: ======


========================= File: C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe ========================

C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
File not signed
MD5: 83F2FD354745C16CE5D5168432F7B4CE
Creation and modification date: 2012-06-10 11:19 - 2018-07-30 15:28
Size: 000335872
Attributes: ----A
Company Name: Adobe Systems Incorporated
Internal Name:
Original Name:
Product: Adobe® Flash® Player Update Service
Description: Adobe® Flash® Player Update Service 30.0 r0
File Version: 30,0,0,134
Product Version: 30,0,0,134
Copyright: Copyright © 1996-2018 Adobe Systems Incorporated
VirusTotal: https://www.virustotal.com/file/ebfdb6b ... 534114703/

====== End of File: ======


========================= File: C:\Program Files\Avira\AntiVir Desktop\avmailc.exe ========================

C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
File not signed
MD5: 8BA3AE7800EC209D5F3C499771B47690
Creation and modification date: 2016-10-26 13:35 - 2016-10-26 13:32
Size: 000970632
Attributes: ----A
Company Name: Avira Operations GmbH & Co. KG
Internal Name: avmailc.exe
Original Name: avmailc.exe
Product: Avira Product Family
Description: Antivirus MailScanner LSP Service
File Version: 15.0.19.163
Product Version: 15.0.19.163
Copyright: Copyright © 2016 Avira Operations GmbH & Co. KG and its Licensors
VirusTotal: https://www.virustotal.com/file/13ee354 ... 518710989/

====== End of File: ======


========================= File: C:\Program Files\Avira\AntiVir Desktop\sched.exe ========================

C:\Program Files\Avira\AntiVir Desktop\sched.exe
File not signed
MD5: AC0A0FDFB1C1FC25B9455C1C710A28DA
Creation and modification date: 2014-08-27 20:32 - 2016-10-26 13:32
Size: 000470600
Attributes: ----A
Company Name: Avira Operations GmbH & Co. KG
Internal Name: avguard_ld.exe
Original Name: avguard_ld.exe
Product: Avira Product Family
Description: Antivirus Host Framework Service
File Version: 15.0.19.163
Product Version: 15.0.19.163
Copyright: Copyright © 2016 Avira Operations GmbH & Co. KG and its Licensors
VirusTotal: https://www.virustotal.com/file/2b007c8 ... 518710962/

====== End of File: ======


========================= File: C:\Program Files\Avira\AntiVir Desktop\avguard.exe ========================

C:\Program Files\Avira\AntiVir Desktop\avguard.exe
File not signed
MD5: AC0A0FDFB1C1FC25B9455C1C710A28DA
Creation and modification date: 2014-08-27 20:32 - 2016-10-26 13:32
Size: 000470600
Attributes: ----A
Company Name: Avira Operations GmbH & Co. KG
Internal Name: avguard_ld.exe
Original Name: avguard_ld.exe
Product: Avira Product Family
Description: Antivirus Host Framework Service
File Version: 15.0.19.163
Product Version: 15.0.19.163
Copyright: Copyright © 2016 Avira Operations GmbH & Co. KG and its Licensors
VirusTotal: 0

====== End of File: ======


========================= File: C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE ========================

C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
File not signed
MD5: 6C208088B4562F5A63156F315356F0BE
Creation and modification date: 2016-10-26 13:35 - 2016-10-26 13:32
Size: 001253352
Attributes: ----A
Company Name: Avira Operations GmbH & Co. KG
Internal Name: avwebgrd.exe
Original Name: avwebgrd.exe
Product: Avira Product Family
Description: AntiVir WebGuard Service
File Version: 15.0.19.163
Product Version: 15.0.19.163
Copyright: Copyright © 2016 Avira Operations GmbH & Co. KG and its Licensors
VirusTotal: 0

====== End of File: ======


========================= File: C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe ========================

C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
File not signed
MD5: DAF66902F08796F9C694901660E5A64A
Creation and modification date: 2005-11-14 01:06 - 2005-11-14 01:06
Size: 000069632
Attributes: ----A
Company Name: Macrovision Corporation
Internal Name: IDriverT
Original Name: IDriverT.exe
Product: InstallShield
Description: IDriverT Module
File Version: 11.50.42618
Product Version: 11.50
Copyright: Copyright (C) 2005 Macrovision Corporation
VirusTotal: 0

====== End of File: ======


========================= File: C:\Windows\system32\PrintCtrl.exe ========================

C:\Windows\system32\PrintCtrl.exe
File not signed
MD5: 81DBFB92EC47CAC5A7DBAC688886C212
Creation and modification date: 2012-04-15 13:31 - 2009-10-28 19:59
Size: 000065536
Attributes: ----A
Company Name: ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM
Internal Name: PrintCtrl
Original Name: PrintCtrl.exe
Product: PrintCtrl
Description: PrintCtrl
File Version: 1, 0, 4, 1
Product Version: 1, 0, 4, 1
Copyright: Copyright ? 2009 ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM
VirusTotal: 0

====== End of File: ======


========================= File: C:\Windows\system32\Drivers\secdrv.sys ========================

C:\Windows\system32\Drivers\secdrv.sys
File not signed
MD5: 07F7F501AD50DE2BA2D5842D9B6D6155
Creation and modification date: 2006-11-02 08:37 - 2017-08-31 10:58
Size: 000163644
Attributes: ----A
Company Name: Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.
Internal Name: SECDRV
Original Name: SECDRV.SYS
Product: Macrovision SECURITY Driver
Description: Macrovision SECURITY Driver
File Version: 4.00.060
Product Version: SECURITY Driver 4.00.060 2004/08/31
Copyright: © 2004 Macrovision Corporation
VirusTotal: 0

====== End of File: ======


========================= File: C:\Windows\system32\Drivers\aaymuygo.sys ========================

"C:\Windows\system32\Drivers\aaymuygo.sys" => not found
====== End of File: ======


========================= Folder: C:\GvTemp ========================


====== End of Folder: ======

================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AA47ABA7-4F91-4B66-A03D-47CB1552F5E6}]
"AuthorizedCDFPrefix"=""
"Comments"=""
"Contact"=""
"DisplayVersion"="9.6"
"HelpLink"=""
"HelpTelephone"=""
"InstallDate"="20140816"
"InstallLocation"="C:\Program Files\pdfforge Toolbar\"
"InstallSource"="C:\Users\Lenka\AppData\Local\Temp\{3A2F27C9-9F34-4968-A71F-BE7ED5E67C16}\"
"ModifyPath"="MsiExec.exe /X{AA47ABA7-4F91-4B66-A03D-47CB1552F5E6}"
"NoModify"="1"
"NoRepair"="1"
"Publisher"="Spigot, Inc."
"Readme"=""
"Size"=""
"EstimatedSize"="7463"
"UninstallString"="MsiExec.exe /X{AA47ABA7-4F91-4B66-A03D-47CB1552F5E6}"
"URLInfoAbout"=""
"URLUpdateInfo"=""
"VersionMajor"="9"
"VersionMinor"="6"
"WindowsInstaller"="1"
"Version"="151388160"
"Language"="0"
"DisplayName"="pdfforge Toolbar v9.6"

=== End of ExportKey ===
================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F81415D2-CEC9-4F96-9ABA-B2CC5382A930}]
"DisplayName"="SweetIM for Messenger 3.0"
"Language"="1033"
"Version"="50331652"
"WindowsInstaller"="1"
"VersionMinor"="0"
"VersionMajor"="3"
"URLUpdateInfo"="http://www.sweetim.com"
"URLInfoAbout"="http://www.sweetim.com"
"UninstallString"="MsiExec.exe /X{F81415D2-CEC9-4F96-9ABA-B2CC5382A930}"
"EstimatedSize"="3982"
"Size"=""
"Readme"=""
"Publisher"="SweetIM Technologies Ltd."
"NoRepair"="1"
"NoModify"="1"
"ModifyPath"="MsiExec.exe /X{F81415D2-CEC9-4F96-9ABA-B2CC5382A930}"
"InstallSource"="C:\Users\Lenka\AppData\Local\Temp\{5BF77B45-62F0-4043-93C3-530DAD92C6BC}\"
"InstallLocation"="C:\Program Files\SweetIM\Messenger\"
"InstallDate"="20100328"
"HelpTelephone"=""
"HelpLink"="http://www.sweetim.com"
"DisplayVersion"="3.0.0004"
"Contact"="SweetIM Technical Support Department"
"Comments"=""
"AuthorizedCDFPrefix"=""

=== End of ExportKey ===
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-667600844-4042081094-1971980655-1003\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\S-1-5-21-667600844-4042081094-1971980655-1003\Software\MozillaPlugins\wacom.com/WacomTabletPlugin" => removed successfully.
"C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll" => not found
aaymuygo => service not found.
"HKLM\System\CurrentControlSet\Services\ESProtectionDriver" => removed successfully.
ESProtectionDriver => service removed successfully.
"HKLM\System\CurrentControlSet\Services\LgBttPort" => removed successfully.
LgBttPort => service removed successfully.
"HKLM\System\CurrentControlSet\Services\lgbusenum" => removed successfully.
lgbusenum => service removed successfully.
"HKLM\System\CurrentControlSet\Services\LGVMODEM" => removed successfully.
LGVMODEM => service removed successfully.
"HKLM\System\CurrentControlSet\Services\MBAMChameleon" => removed successfully.
MBAMChameleon => service removed successfully.
"HKLM\System\CurrentControlSet\Services\MBAMProtection" => removed successfully.
MBAMProtection => service removed successfully.
"HKLM\System\CurrentControlSet\Services\MBAMWebProtection" => removed successfully.
MBAMWebProtection => service removed successfully.
"HKLM\System\CurrentControlSet\Services\USBAAPL" => removed successfully.
USBAAPL => service removed successfully.
"HKLM\System\CurrentControlSet\Services\usbbus" => removed successfully.
usbbus => service removed successfully.
"HKLM\System\CurrentControlSet\Services\UsbDiag" => removed successfully.
UsbDiag => service removed successfully.
"HKLM\System\CurrentControlSet\Services\USBModem" => removed successfully.
USBModem => service removed successfully.
C:\Program Files\trend micro => moved successfully
C:\rsit => moved successfully
C:\Users\Lenka\Downloads\RSIT.exe => moved successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay" => removed successfully.
HKLM\Software\Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\PowerISO" => removed successfully.
HKLM\Software\Classes\CLSID\{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully.
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\PowerISO" => removed successfully.
HKLM\Software\Classes\CLSID\{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C63EC41A-4C53-4961-961D-76EF2BF5A8BC}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DriverToolkit Autorun" => removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 81390038 B
Java, Flash, Steam htmlcache => 1110 B
Windows/system/drivers => 1012224 B
Edge => 0 B
Chrome => 0 B
Firefox => 380426644 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66882 B
LocalService => 0 B
NetworkService => 0 B
Lenka => 21752311 B
Petra => 93925719 B
Taťka => 10229892 B
Pája => 0 B
UpdatusUser => 0 B
Tučka => 50824429 B
Guest => 0 B

RecycleBin => 0 B
EmptyTemp: => 618 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:58:26 ====

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Check

#8 Post by Conder »

:arrow: Uninstall
  • pdfforge Toolbar v9.6
  • SweetIM Technologies Ltd.
:arrow: After that, please post new FRST logs, but without using FRSTLauncher (run only FRST itself and click Scan).

:arrow: How is the PC doing?
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data (documents, photos and so on) backed up.

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise you risk damaging the system or losing data.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

nysa
Visitor
Posts: 23
Registered: 16 Sep 2014 16:21

Re: Check

#9 Post by nysa »

I was not able to uninstall either of them. These messages pop up:

pdf: error 2738. could not access VBScript run time for custom action
sweet: error 1316. Zadaný účet již existuje.

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Check

#10 Post by Conder »

:arrow: OK, we will remove it manually.

:arrow: Please also post new FRST logs, but without using FRSTLauncher (run only FRST itself and click Scan).

nysa
Visitor
Posts: 23
Registered: 16 Sep 2014 16:21

Re: Check

#11 Post by nysa »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02.08.2018
Ran by Lenka (administrator) on NASPC (16-08-2018 07:15:13)
Running from C:\Users\Lenka\Desktop
Loaded Profiles: Lenka (Available Profiles: Lenka & Petra & Taťka & Tučka & Guest)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
() C:\Windows\System32\PSIService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(GIGABYTE Technology Co.,Ltd.) C:\Program Files\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4468736 2007-05-10] (Realtek Semiconductor)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [831576 2016-10-26] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [67040 2018-02-12] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [296056 2012-05-18] (RealNetworks, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2018-07-26]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files\GIGABYTE\GIGABYTE OC_GURU II\Launcher.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\Users\Tučka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk [2017-11-17]
ShortcutTarget: OpenOffice.org 3.0.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 84.16.110.129 84.16.96.2
Tcpip\..\Interfaces\{D685CB04-1893-4C1C-8FE7-5080986A74B6}: [DhcpNameServer] 84.16.110.129 84.16.96.2

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-05-18] (RealPlayer)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

FireFox:
========
FF DefaultProfile: 6dilfgky.default
FF ProfilePath: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default [2018-08-15]
FF Homepage: Mozilla\Firefox\Profiles\6dilfgky.default -> about:home
FF Extension: (Flash Video Downloader) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\artur.dubovoy@gmail.com.xpi [2018-08-10]
FF Extension: (Cooliris) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\piclens@cooliris.com [2012-02-10] [Legacy] [not signed]
FF Extension: (Google Translator for Firefox) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\translator@zoli.bod.xpi [2017-08-31] [Legacy]
FF Extension: (Microsoft .NET Framework Assistant) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-07-17] [Legacy] [not signed]
FF Extension: (Stylish) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2017-08-31] [Legacy]
FF Extension: (Ultimate Finder) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\{7c231677-e4fb-44ac-80a5-c87fcb7c2be9} [2014-10-16] [Legacy] [not signed]
FF Extension: (Adblock Plus) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\6dilfgky.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-08-10]
FF ProfilePath: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\kpmt7ry8.namozilu [2017-09-01]
FF Homepage: Mozilla\Firefox\Profiles\kpmt7ry8.namozilu -> about:home
FF NewTab: Mozilla\Firefox\Profiles\kpmt7ry8.namozilu -> about:newtab
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-06-15] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: (RealPlayer Browser Record Plugin) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2016-02-13] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-08-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2012-05-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll [2012-05-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-05-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-05-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2012-05-18] (RealPlayer)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-25] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-25] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-667600844-4042081094-1971980655-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lenka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-27] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-667600844-4042081094-1971980655-1003: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-11-29] ()

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default [2017-12-09]
CHR Extension: (Last.fm free music player) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbncpldmanoknoahidbgmkgobgmhnafh [2014-09-22]
CHR Extension: (AdBlock) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-12-24]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-07-01]
CHR Extension: (Peněženka Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-01]
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Guest Profile [2015-08-26]
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 1 [2015-08-26]
CHR Extension: (Avira Browser Safety) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-12-11]
CHR Extension: (No Name) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-06-11]
CHR Extension: (Google Wallet) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-11]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-12-11]
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 2 [2015-08-26]
CHR Extension: (Avira Browser Safety) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-12-11]
CHR Extension: (No Name) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-06-12]
CHR Extension: (Google Wallet) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-11]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-12-11]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-06-16]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-08-15] (Adobe Systems Incorporated) [File not signed]
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [970632 2016-10-26] (Avira Operations GmbH & Co. KG) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [470600 2016-10-26] (Avira Operations GmbH & Co. KG) [File not signed]
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [470600 2016-10-26] (Avira Operations GmbH & Co. KG) [File not signed]
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1253352 2016-10-26] (Avira Operations GmbH & Co. KG) [File not signed]
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [310096 2018-02-12] (Avira Operations GmbH & Co. KG)
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [393032 2013-06-10] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [384840 2013-06-10] (BlueStack Systems, Inc.)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1045328 2012-02-11] (Flexera Software, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [931896 2016-06-15] (NVIDIA Corporation)
S2 gupdate1ca5eefa774ed9c; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2167056 2018-05-25] (Electronic Arts)
R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [65536 2009-10-28] (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) [File not signed]
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [20624 2012-10-31] (AVAST Software)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [115600 2016-10-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140272 2016-10-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [63816 2013-06-10] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-12-10] (Disc Soft Ltd)
S3 ENTECH; C:\Windows\system32\DRIVERS\ENTECH.sys [27672 2007-08-20] (EnTech Taiwan)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 gdrv; C:\Windows\gdrv.sys [16608 2008-12-08] (Windows (R) 2000 DDK provider)
R3 GPCIDrv; C:\Program Files\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv.sys [14504 2014-08-28] ()
S3 k750bus; C:\Windows\System32\DRIVERS\k750bus.sys [55216 2005-02-11] (MCCI)
S3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R3 ROCKEYNT; C:\Windows\System32\DRIVERS\Rockey4.sys [26976 2012-02-11] (Feitian Technologies Co., Ltd.)
S4 secdrv; C:\Windows\system32\Drivers\secdrv.sys [163644 2017-08-31] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2014-10-29] (Duplex Secure Ltd.)
U3 ac4ov481; C:\Windows\system32\Drivers\ac4ov481.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error(1) reading file: "C:\Users\Petra\Desktop\pája staví .. ... "
Error(1) reading file: "C:\Users\Petra\Desktop\pája staví .. "
2018-08-16 07:15 - 2018-08-16 07:15 - 000018219 _____ C:\Users\Lenka\Desktop\FRST.txt
2018-08-14 09:53 - 2018-08-14 09:58 - 000016502 _____ C:\Users\Lenka\Desktop\Fixlog.txt
2018-08-14 09:53 - 2018-08-14 09:53 - 000029696 _____ C:\Users\Lenka\AppData\Local\MSGBOX.EXE
2018-08-14 09:53 - 2018-08-14 09:53 - 000015327 _____ C:\Users\Lenka\Desktop\LM.bat
2018-08-14 09:52 - 2018-08-14 09:52 - 000112640 _____ (forum.viry.cz) C:\Users\Lenka\Desktop\FRSTLauncher.exe
2018-08-13 20:24 - 2018-08-13 20:24 - 001773056 _____ (Farbar) C:\Users\Lenka\Desktop\FRST.exe
2018-08-13 20:09 - 2018-08-13 20:09 - 007417040 _____ (Malwarebytes) C:\Users\Lenka\Downloads\adwcleaner_7.2.2(1).exe
2018-08-12 18:41 - 2018-08-12 18:41 - 000000857 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2018-08-12 18:41 - 2018-08-12 18:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2018-08-12 18:41 - 2018-08-12 18:41 - 000000000 ____D C:\Program Files\CPUID
2018-08-12 18:40 - 2018-08-12 18:40 - 001803392 _____ (CPUID, Inc. ) C:\Users\Lenka\Downloads\cpu-z_1.86-en.exe
2018-08-10 14:29 - 2018-08-10 14:29 - 007417040 _____ (Malwarebytes) C:\Users\Lenka\Downloads\adwcleaner_7.2.2.exe
2018-08-10 13:55 - 2018-08-13 16:40 - 000000000 ____D C:\Users\Lenka\AppData\Local\CrashDumps
2018-08-10 13:54 - 2018-08-10 13:54 - 000000000 ____D C:\Users\Lenka\AppData\Roaming\NVIDIA
2018-08-10 13:52 - 2018-08-10 13:53 - 033411072 _____ C:\Users\Lenka\Downloads\EpicInstaller-7.14.2.msi
2018-08-04 18:04 - 2018-08-04 18:04 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2018-07-30 14:59 - 2018-08-05 11:26 - 000000000 ____D C:\Users\Petra\Documents\temp
2018-07-29 15:12 - 2018-07-29 15:12 - 000000000 ____D C:\Users\Tučka\AppData\Local\CrashDumps
2018-07-29 11:05 - 2018-07-29 11:05 - 000000000 ____D C:\Users\Tučka\AppData\Local\NVIDIA
2018-07-26 16:43 - 2018-07-26 16:43 - 000000000 ____D C:\ProgramData\NVIDIA
2018-07-26 16:43 - 2018-07-26 16:43 - 000000000 ____D C:\Program Files\VulkanRT
2018-07-26 16:43 - 2016-05-04 04:23 - 000129824 _____ C:\Windows\system32\vulkan-1.dll
2018-07-26 16:43 - 2016-05-04 04:22 - 000040224 _____ C:\Windows\system32\vulkaninfo.exe
2018-07-26 16:42 - 2016-05-10 05:46 - 000203320 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 003948480 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 002590656 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 002563128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 000908344 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2018-07-26 16:42 - 2016-05-10 01:45 - 000436672 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 000381888 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 000083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-07-26 16:42 - 2016-05-10 01:45 - 000068544 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-07-26 16:42 - 2016-05-06 15:48 - 006423191 _____ C:\Windows\system32\nvcoproc.bin
2018-07-26 16:37 - 2016-05-10 19:43 - 000926520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco3220103.dll
2018-07-26 16:37 - 2016-05-10 19:43 - 000170128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys
2018-07-26 16:37 - 2016-05-10 19:43 - 000035984 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 037569080 _____ C:\Windows\system32\nvcompiler.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 025344960 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 017768992 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 017362992 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 016449424 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 014129544 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 010720312 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-07-26 16:37 - 2016-05-10 05:46 - 008674064 _____ C:\Windows\system32\nvptxJitCompiler.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 003286480 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 002810936 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 001068600 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3236519.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 000925752 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3236519.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 000571912 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 000379448 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-07-26 16:37 - 2016-05-10 05:46 - 000031406 _____ C:\Windows\system32\nvinfo.pb
2018-07-26 16:37 - 2016-05-10 05:46 - 000000592 _____ C:\Windows\system32\nv-vk32.json
2018-07-26 16:32 - 2018-07-26 16:32 - 000000000 ____D C:\NVIDIA
2018-07-26 16:24 - 2018-07-26 16:29 - 282594864 _____ (NVIDIA Corporation) C:\Users\Lenka\Downloads\365.19-desktop-win8-win7-winvista-32bit-international-whql.exe
2018-07-26 16:14 - 2018-07-26 16:14 - 004703728 _____ (Blizzard Entertainment) C:\Users\Lenka\Downloads\Battle.net-Setup(3).exe
2018-07-26 16:11 - 2018-07-26 16:11 - 004703728 _____ (Blizzard Entertainment) C:\Users\Lenka\Downloads\Battle.net-Setup(2).exe
2018-07-26 16:01 - 2018-07-26 16:01 - 000000000 ____D C:\Users\Lenka\AppData\Local\Blizzard
2018-07-26 16:00 - 2018-07-26 16:01 - 000000000 ____D C:\ProgramData\Battle.net
2018-07-26 16:00 - 2018-07-26 16:00 - 004703728 _____ (Blizzard Entertainment) C:\Users\Lenka\Downloads\Battle.net-Setup(1).exe
2018-07-26 15:59 - 2018-07-26 16:00 - 004703728 _____ (Blizzard Entertainment) C:\Users\Lenka\Downloads\Battle.net-Setup.exe
2018-07-26 15:47 - 2018-07-26 15:47 - 000000000 ____D C:\Users\Lenka\AppData\Local\Nvidia Corporation
2018-07-26 15:40 - 2018-08-16 07:14 - 000000000 ____D C:\Users\Lenka\Documents\temp
2018-07-26 15:40 - 2018-07-26 15:40 - 000000000 ____D C:\GvTemp
2018-07-26 15:38 - 2018-07-26 15:46 - 000000000 ____D C:\Users\Lenka\AppData\Local\NVIDIA
2018-07-26 15:34 - 2018-07-26 15:45 - 000001170 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-07-26 15:20 - 2018-07-26 15:20 - 000001970 _____ C:\Users\Public\Desktop\GIGABYTE OC_GURU.lnk
2018-07-26 15:20 - 2018-07-26 15:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2018-07-26 15:20 - 2018-07-26 15:20 - 000000000 ____D C:\Program Files\GIGABYTE

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-16 07:15 - 2017-08-31 14:01 - 000000000 ____D C:\FRST
2018-08-16 07:15 - 2017-08-31 11:34 - 000000000 ____D C:\Users\Lenka\AppData\LocalLow\Mozilla
2018-08-16 07:07 - 2006-11-02 15:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-16 07:07 - 2006-11-02 14:47 - 000003664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-16 07:07 - 2006-11-02 14:47 - 000003664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-15 12:29 - 2006-11-02 15:01 - 000032562 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-08-15 10:28 - 2012-06-10 11:19 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2018-08-15 10:28 - 2012-06-10 11:19 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2018-08-15 10:28 - 2008-11-06 15:25 - 000000000 ____D C:\Windows\system32\Macromed
2018-08-14 10:17 - 2014-12-24 13:02 - 000000000 ____D C:\ProgramData\Origin
2018-08-13 13:31 - 2017-12-09 15:22 - 000022528 _____ C:\Users\Lenka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-08-13 11:21 - 2009-12-30 14:11 - 000000000 ____D C:\Users\Lenka\AppData\Roaming\vlc
2018-08-13 10:36 - 2010-01-17 10:47 - 000000000 ____D C:\Users\Lenka\AppData\Roaming\dvdcss
2018-08-13 09:12 - 2015-07-25 18:58 - 000000804 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-08-13 09:12 - 2011-04-17 19:06 - 000000000 ____D C:\Program Files\CCleaner
2018-08-12 19:08 - 2006-11-02 13:18 - 000000000 ____D C:\Windows\inf
2018-08-12 11:54 - 2008-01-21 08:47 - 001541246 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-12 11:54 - 2008-01-21 08:46 - 000648308 _____ C:\Windows\system32\perfh005.dat
2018-08-12 11:54 - 2008-01-21 08:46 - 000138914 _____ C:\Windows\system32\perfc005.dat
2018-08-10 14:42 - 2011-04-17 19:07 - 000000000 ____D C:\Users\Lenka\Documents\registry
2018-08-10 14:37 - 2009-11-08 12:34 - 000000000 ____D C:\Windows\Minidump
2018-08-10 14:30 - 2017-08-31 17:16 - 000000000 ____D C:\AdwCleaner
2018-08-05 11:44 - 2017-02-20 16:20 - 000000000 ____D C:\Users\Tučka\AppData\LocalLow\Mozilla
2018-08-05 11:32 - 2017-08-20 14:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-08-04 18:04 - 2017-09-08 13:40 - 000002067 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2018-08-04 18:04 - 2009-01-24 21:33 - 000000000 ____D C:\Program Files\Google
2018-07-26 16:44 - 2008-12-08 19:05 - 000000000 ____D C:\Users\Lenka
2018-07-26 16:43 - 2010-04-14 18:44 - 000000000 ____D C:\temp
2018-07-26 16:42 - 2012-12-02 10:30 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-07-26 16:42 - 2006-11-02 13:18 - 000000000 ____D C:\Windows\Help
2018-07-26 16:41 - 2012-12-02 10:34 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-07-26 16:30 - 2009-06-24 15:09 - 000000000 ____D C:\Users\Lenka\Documents\Electronic Arts
2018-07-26 15:34 - 2008-12-08 21:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-07-26 15:27 - 2012-12-02 10:36 - 000000000 ____D C:\Users\UpdatusUser
2018-07-26 15:21 - 2008-11-06 14:28 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2018-07-26 15:13 - 2010-06-21 14:35 - 000001356 _____ C:\Users\Lenka\AppData\Local\d3d9caps.dat
2018-07-17 00:02 - 2009-10-03 08:25 - 000480888 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2015-08-27 12:29 - 2015-08-27 12:29 - 000128626 _____ () C:\Users\Petra\cc_20150827_122906.reg
2015-08-27 12:38 - 2015-08-27 12:38 - 000324580 _____ () C:\Users\Taťka\cc_20150827_123831.reg
2015-08-27 12:39 - 2015-08-27 12:39 - 000000788 _____ () C:\Users\Taťka\cc_20150827_123902.reg
2015-08-27 12:43 - 2015-08-27 12:43 - 000110996 _____ () C:\Users\Tučka\cc_20150827_124257.reg
2014-10-29 16:27 - 2014-10-29 16:28 - 000005960 _____ () C:\Program Files\log.txt
2009-10-17 19:04 - 2010-10-02 15:41 - 000000141 _____ () C:\Users\Lenka\AppData\Roaming\default.rss
2008-12-16 20:17 - 2008-12-16 20:17 - 000000235 _____ () C:\Users\Lenka\AppData\Roaming\devices.xml
2008-12-16 20:17 - 2008-12-16 20:17 - 000000012 _____ () C:\Users\Lenka\AppData\Roaming\settings.xml
2010-06-21 14:35 - 2018-07-26 15:13 - 000001356 _____ () C:\Users\Lenka\AppData\Local\d3d9caps.dat
2017-12-09 15:22 - 2018-08-13 13:31 - 000022528 _____ () C:\Users\Lenka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-08-14 09:53 - 2018-08-14 09:53 - 000029696 _____ () C:\Users\Lenka\AppData\Local\MSGBOX.EXE

Some files in TEMP:
====================
2017-09-01 11:08 - 2018-08-14 10:05 - 000000000 ____D () C:\Users\Lenka\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-08-16 07:13

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02.08.2018
Ran by Lenka (16-08-2018 07:16:06)
Running from C:\Users\Lenka\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2008-12-08 16:57:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-667600844-4042081094-1971980655-500 - Administrator - Disabled)
Guest (S-1-5-21-667600844-4042081094-1971980655-501 - Limited - Disabled) => C:\Users\Guest
Lenka (S-1-5-21-667600844-4042081094-1971980655-1003 - Administrator - Enabled) => C:\Users\Lenka
Petra (S-1-5-21-667600844-4042081094-1971980655-1004 - Administrator - Enabled) => C:\Users\Petra
Taťka (S-1-5-21-667600844-4042081094-1971980655-1005 - Limited - Enabled) => C:\Users\Taťka
Tučka (S-1-5-21-667600844-4042081094-1971980655-1263 - Limited - Enabled) => C:\Users\Tučka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Activation (Nero 9 HD) (HKLM\...\{a63187f6-6aea-41ea-a218-22f943beb67e}) (Version: - Nero AG)
Activation (Nero BackItUp 4) (HKLM\...\{d6c05fd4-eefa-493c-8904-2b7fa22b9ab6}) (Version: - Nero AG)
Activation (Nero MediaHome 4) (HKLM\...\{a130e290-dac7-462d-a533-4437efdbadb8}) (Version: - Nero AG)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}) (Version: 1.0 - Microsoft Corporation) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe Flash Player 30 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (HKLM\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)
Advertising Center (HKLM\...\{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}) (Version: 0.0.0.1 - Nero AG) Hidden
Aktualizace NVIDIA 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_PROR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_PROR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_PROR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ArchiCAD 16 CZE (HKLM\...\001FFF1FFF16FF00FF1101F01F02F000-R1) (Version: 16.0 - GRAPHISOFT)
Artlantis Studio 4.0 (HKLM\...\Artlantis Studio 4) (Version: 4.0.14 - Abvent R&D)
ArtRage Studio Pro (HKLM\...\{43F81BD1-10E1-4CCE-BCAF-E3100F039D6B}) (Version: 3.0.7 - Ambient Design)
Audiosurf (HKLM\...\{6D316D67-DA52-4659-9C98-F479963534D6}) (Version: 1.00.0000 - BestGameEver)
AutoCAD 2012 - Czech (HKLM\...\{5783F2D7-A001-0405-0002-0060B0CE6BBA}) (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2012 - Czech (HKLM\...\AutoCAD 2012 - Czech) (Version: 18.2.51.0 - Autodesk)
AutoCAD 2012 Language Pack - Czech (HKLM\...\{5783F2D7-A001-0405-1002-0060B0CE6BBA}) (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD Architecture 2009 - Český (HKLM\...\{5783F2D7-7004-0405-0002-0060B0CE6BBA}) (Version: 5.7.68.0 - Autodesk) Hidden
AutoCAD Architecture 2009 - Český (HKLM\...\AutoCAD Architecture 2009 - Český) (Version: 5.7.68.0 - Autodesk)
Autodesk Content Service (HKLM\...\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}) (Version: 2.0.90 - Autodesk)
Autodesk Material Library 2012 (HKLM\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.19.164 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM\...\{18C7265D-7754-457D-83A4-492A62F02591}) (Version: 1.1.68.2326 - Avira Operations GmbH & Co. KG) Hidden
Avira Launcher (HKLM\...\{b7a1a821-b592-485a-886c-b744b4dbe004}) (Version: 1.1.68.2326 - Avira Operations GmbH & Co. KG)
BlueStacks Notification Center (HKLM\...\{6397E61B-A6B5-4479-85A4-0F746D6B328F}) (Version: 0.7.13.899 - BlueStack Systems, Inc.)
Blu-ray Disc Authoring Plug-in (HKLM\...\{f58e0570-b3da-4f53-95cf-22de5b19b67a}) (Version: - Nero AG)
Blu-ray Video Plug-in (HKLM\...\{c9d9a0e0-fdbb-40c2-b73a-b094456dd019}) (Version: - Nero AG)
Blu-ray/HD DVD Video Plug-in (HKLM\...\{25d95fb5-6ca8-4357-87ce-1f4ad0ffcdb3}) (Version: - Nero AG)
CADKON-2D 2009.1 (HKLM\...\{0ABCECAD-0600-0400-0100-0ABCECAD0090}) (Version: 13.10.0000 - AB Studio) Hidden
CADKON-2D 2009.1 pro ACD-A 2009 (HKLM\...\InstallShield_{0ABCECAD-0600-0400-0100-0ABCECAD0090}) (Version: 13.10.0000 - AB Studio)
capella 7 (HKLM\...\{805309CD-4AE4-4587-9EEA-03148871A414}) (Version: 7.1.14 - capella software AG)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Connect (HKLM\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Corel Painter Essentials 4 (HKLM\...\_{53A908D4-99C6-469B-BC13-F4189F260742}) (Version: - Corel Corporation)
Corel Painter Essentials 4 (HKLM\...\{53A908D4-99C6-469B-BC13-F4189F260742}) (Version: 4.0 - Corel Corporation) Hidden
CPUID CPU-Z 1.86 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.86 - CPUID, Inc.)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DolbyFiles (HKLM\...\{56BE5CC9-95E6-4128-ABEA-968414CA9C80}) (Version: 2.0 - Nero AG) Hidden
Dropbox (HKU\S-1-5-21-667600844-4042081094-1971980655-1003\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
Frets On Fire (HKLM\...\Frets on Fire) (Version: 1.3.110-win32 - )
GIGABYTE OC_GURU II (HKLM\...\{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.96.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
GIGABYTE OC_GURU II (HKLM\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.96.0000 - GIGABYTE Technology Co.,Ltd.)
Google Drive (HKLM\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Earth Pro (HKLM\...\{BF354C72-AC4C-4A87-8D42-B089862BAE58}) (Version: 7.3.2.5491 - Google)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Gracenote Plug-in (HKLM\...\{dbd178fc-63fc-456f-aeb8-5389771e5b9c}) (Version: - Nero AG)
ICQ7.4 (HKLM\...\{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}) (Version: 7.4 - ICQ)
ImagXpress (HKLM\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
kuler (HKLM\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Livestream for Producers (HKLM\...\{53466613-9260-4814-AE66-7F3A3FA978D3}) (Version: 0.0.64 - Livestream)
Mesh Runtime (HKLM\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM\...\{B44F3823-52DD-45CA-A916-8B320778715D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office FrontPage 2003 (HKLM\...\{90170409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 52.7.3 ESR (x86 cs) (HKLM\...\Mozilla Firefox 52.7.3 ESR (x86 cs)) (Version: 52.7.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.7.3.6655 - Mozilla)
mp3PRO Plug-in (HKLM\...\{4dbf3958-5338-4d66-86e0-670c39dd3fc5}) (Version: - Nero AG)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero BackItUp 4 (HKLM\...\{e219f9a4-16b3-4816-82de-ffcb8599e734}) (Version: - Nero AG)
Nero InCD-Reader (HKLM\...\{8404580d-8c12-4f3c-9b19-b026251975ee}) (Version: - Nero AG)
Nero MediaHome 4 (HKLM\...\{e0b72183-d712-4a7e-97ad-7404bf3f8140}) (Version: - Nero AG)
Nero Move it (HKLM\...\{645271dd-9437-4ca0-b4a5-30f4590cff13}) (Version: - Nero AG)
Notová Osnova (HKLM\...\Notová Osnova) (Version: 1.00 - PC-MarKo)
NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 365.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 365.19 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice.org 3.0 (HKLM\...\{BE8BE32F-F595-4693-9F82-1E0A5A047BB6}) (Version: 3.0.9358 - OpenOffice.org)
Origin (HKLM\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 365.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 365.19 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Settings CS4 (HKLM\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.1 - Frank Heindörfer, Philip Chinery)
pdfforge Toolbar v9.6 (HKLM\...\{AA47ABA7-4F91-4B66-A03D-47CB1552F5E6}) (Version: 9.6 - Spigot, Inc.) <==== ATTENTION
PhotoFiltre (HKLM\...\PhotoFiltre) (Version: - )
Photoshop Camera Raw (HKLM\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 15.0) (Version: 15.0.4 - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5413 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (HKLM\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
SecurDisc Viewer (HKLM\...\{ea720de1-d14a-4e88-9878-61db27e1d103}) (Version: - Nero AG)
Segoe UI (HKLM\...\{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}) (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
SketchUp 2013 (HKLM\...\{72B622C9-AA10-47D7-A10C-377CF9BC8502}) (Version: 13.0.4124 - Trimble Navigation Limited)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Suite Shared Configuration CS4 (HKLM\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
SweetIM for Messenger 3.0 (HKLM\...\{F81415D2-CEC9-4F96-9ABA-B2CC5382A930}) (Version: 3.0.0004 - SweetIM Technologies Ltd.) <==== ATTENTION
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Sims™ 4 (HKLM\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.45.62.1020 - Electronic Arts Inc.)
Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-667600844-4042081094-1971980655-1003\...\UnityWebPlayer) (Version: 4.5.4f2 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Manager (HKLM\...\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}) (Version: 4.60 - Corel Corporation) Hidden
VBA (2627.01) (HKLM\...\{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2720) (HKLM\...\{1727CD47-A408-11d2-AFAD-00C04F72FB3E}) (Version: 6.01.00.1234 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (HKLM\...\{3921A67A-5AB1-4E48-9444-C71814CF3027}) (Version: 1.0.0 - Nero AG) Hidden
Vegas Pro 10.0 (HKLM\...\{5AC11070-A1CB-11E0-A0DC-0013D3D69929}) (Version: 10.0.737 - Sony)
VLC media player 1.0.1 (HKLM\...\VLC media player) (Version: 1.0.1 - VideoLAN Team)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WinDirStat 1.1.2 (HKU\S-1-5-21-667600844-4042081094-1971980655-1003\...\WinDirStat) (Version: - )
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Zkušební verze produktu Microsoft Office Professional 2007 (HKLM\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Zoo Tycoon 2 (HKLM\...\Zoo Tycoon 2) (Version: 1.0 - Microsoft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{037FB476-15E0-4ED1-B11A-E420B750B1A8}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{09D5408E-9690-46E3-B0CA-9A7A36FEF2A5}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}\InprocServer32 -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{2837E0FE-686B-4CB0-BE53-0EA097EAF71B}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Program Files\AutoCAD Architecture 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{2F1F7574-ECCA-4361-B4DE-C411BF7EEE23}\localserver32 -> C:\Program Files\AutoCAD Architecture 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Lenka\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{517C01D5-4E55-5627-A7A6-C680043FD3AF}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{5AFAFE48-7107-4FE5-B21A-86A4254541DD}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{5B7524C8-2446-40E9-9474-94A779DBA224}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{621D3650-F1D3-414C-97F9-03A02B211261}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{623E415A-22EF-4DAA-A2FF-E68E77A673C9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{6AB55F46-2523-4701-A912-B226F46252BA}\localserver32 -> C:\Program Files\AutoCAD Architecture 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Program Files\AutoCAD Architecture 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{885BB46A-3F1E-44C3-A01B-A7D9260CC98B}\InprocServer32 -> C:\Windows\Downloaded Program Files\dwusplay.dll (InstallShield Software Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{915C2CEB-216B-4B7C-89E4-9ED3512D58D9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{92C5E738-7372-4CD6-BE57-15833624EBF3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{9CAAD2EA-177B-4D07-871F-47255B5D30F3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{AAC30F99-D832-421A-BCEE-B699491916AA}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{B391A1DB-28C8-4506-A43C-5BD6051F16BA}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{E42CE23D-69F9-480A-A15F-BFF5E4D170C3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{E50C953D-311A-481B-8F8D-C55E65AF7417}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{E9880553-B8A7-4960-A668-95C68BED571E}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{E9A93328-79D4-4AED-A778-146E7191F8BC}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{F1522EC1-F84F-4CE2-A38C-F9384B0DFD41}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-667600844-4042081094-1971980655-1003_Classes\CLSID\{FFF2D28F-E4EE-44D9-8104-8E71556757F6}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2011-02-04] (Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2011-02-04] (Autodesk)
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll [2008-09-29] (Nero AG)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google)
ContextMenuHandlers1: [PSPad] -> {8903F6C9-25E3-40AC-A98F-E6D35CD0469C} => C:\Program Files\PSPad editor\PSPadShell.dll [2008-03-30] ()
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\AntiVir Desktop\shlext.dll [2016-10-26] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2008-08-29] ()
ContextMenuHandlers2: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers3: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2008-08-29] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-05-10] (NVIDIA Corporation)
ContextMenuHandlers5: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\AntiVir Desktop\shlext.dll [2016-10-26] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2008-08-29] ()
ContextMenuHandlers1_S-1-5-21-667600844-4042081094-1971980655-1003: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-667600844-4042081094-1971980655-1003: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-667600844-4042081094-1971980655-1003: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C3AF200-FADC-49E5-880E-DEE192C8B79A} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-21] (Společnost Microsoft)
Task: {1208743E-61F8-4539-833C-3A9C5E392DCB} - System32\Tasks\{F59721B4-1D55-4D49-967D-72B793B03CD9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Common Files\Nero\Uninstall\setupx.exe" -c /uninstall ExtraUninstallID=""
Task: {1468EA04-10F8-4B40-9BFE-6FD2E583C18F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-08-15] (Adobe Systems Incorporated)
Task: {220D5908-8889-492D-9774-14912EC3EC40} - System32\Tasks\{C2FF93A5-AC0E-4F3E-AE85-EE8061B48526} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Graphisoft\ArchiCAD 13\Uninstall.AC\uninstaller.exe"
Task: {3E5CAAA3-1768-4DA7-AAD9-149AA4939B5E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
Task: {407E4B8E-7A6F-4089-ACC0-F9D255019DE8} - System32\Tasks\{65AD4699-EFB5-4339-B1CF-C5F5E1AF16DE} => "c:\program files\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.1.0.105/cs/abandoninstall?page=tsProgressBar
Task: {5A2BBE63-CF07-45B5-A815-87CA7FD7CF22} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-667600844-4042081094-1971980655-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {66D54D8A-5312-4198-91A0-F839F452468C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {71441071-A4E9-4386-AF1E-A6AE1D89115C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-15] (Adobe Systems Incorporated)
Task: {7B0E8ABF-80CB-4405-BC90-7947360564B1} - System32\Tasks\RealCreateProcessScheduledTask10430913S-1-5-21-667600844-4042081094-1971980655-1003 => c:\program files\real\realplayer\update\realsched.exe [2012-05-18] (RealNetworks, Inc.)
Task: {7FE97D8A-4078-469B-9C1C-DD943661D1BD} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-667600844-4042081094-1971980655-1263 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {8DE3ADF5-C554-42F3-B323-F8F424FE5727} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe
Task: {8EE25BAE-4048-4B14-AEA6-C91C97201DEA} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-667600844-4042081094-1971980655-1006 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {8F16325C-7DC9-4B4E-83FF-2B2EF365F636} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-667600844-4042081094-1971980655-1263 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {8F1E24B0-EB89-4234-9236-7FD1FB985BF7} - System32\Tasks\{2C127F6F-4F23-4EFD-AD9C-A3D893B923C4} => C:\Program Files\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {9CEFCF6D-FA8C-4478-834B-878680125C08} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-667600844-4042081094-1971980655-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {9F5D61DB-3119-4E11-B290-961C874FE443} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-667600844-4042081094-1971980655-1005 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {AAB2883D-6DB7-408B-99BE-0DF70104D2AF} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-667600844-4042081094-1971980655-1006 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {AF0B2C89-9D36-41AF-B6BC-742D501AF699} - System32\Tasks\{2E99501F-84DB-441F-B5F6-CDEA7803299C} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe" -c REMOVESERIALNUMBER="9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A"
Task: {CD1114C0-0419-4425-87C1-C429BF6D6C4D} - System32\Tasks\{6A88973A-6E84-489B-BF99-A6E415345D96} => "C:\Program Files\Internet Explorer\IEXPLORE.EXE" hxxp://ui.skype.com/ui/0/7.1.0.105/cs/abandoninstall?page=tsProgressBar
Task: {DA8A523E-3155-4F3A-A892-CD0D987B204B} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-667600844-4042081094-1971980655-1003 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {E03463FB-A1CB-4FE8-8274-CE8B2DAA6EE9} - System32\Tasks\{D4E42282-B7C4-41DF-A1F7-4D869B5EA0BA} => "c:\program files\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.6.0.106/cs/abandoninstall?page=tsBing
Task: {E4E22FB1-F9E7-483C-B8CE-B4EB5531D159} - System32\Tasks\RealCreateProcessScheduledTask3228175S-1-5-21-667600844-4042081094-1971980655-1003 => c:\program files\real\realplayer\update\realsched.exe [2012-05-18] (RealNetworks, Inc.)
Task: {E833B7E7-DD4C-479A-BF51-B0E58FC1493F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd)
Task: {ED798D29-E0C8-4D5F-865F-8BC80243C3EB} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-667600844-4042081094-1971980655-1003 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {F1F6F137-E50E-49A3-9E62-40FDEF23C728} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {FE9BD8BA-4F06-4600-B2F7-2C983BCC545B} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-667600844-4042081094-1971980655-1005 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Network Shortcuts\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.co

==================== Loaded Modules (Whitelisted) ==============

2012-08-02 18:16 - 2001-10-28 17:42 - 000116224 _____ () C:\Windows\System32\pdfcmnnt.dll
2011-02-02 15:08 - 2011-02-02 15:08 - 000018656 _____ () C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
2007-06-05 13:20 - 2007-06-05 13:20 - 000177704 _____ () C:\Windows\system32\PSIService.exe
2008-12-11 17:42 - 2008-08-29 11:55 - 000132608 _____ () C:\Program Files\WinRAR\rarext.dll
2008-12-11 17:42 - 2008-09-03 16:28 - 000319488 _____ () C:\Program Files\WinRAR\rarlng.dll
2009-09-16 15:16 - 2008-03-30 16:22 - 000070144 _____ () C:\Program Files\PSPad editor\PSPadShell.dll
2018-07-26 15:34 - 2016-06-15 03:14 - 000020536 _____ () C:\Program Files\NVIDIA Corporation\Update Core\detoured.dll
2013-07-24 12:17 - 2013-07-24 12:17 - 000012520 _____ () C:\Users\Lenka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\CoreTempReader.dll
2013-07-24 12:17 - 2013-07-24 12:17 - 000015080 _____ () C:\Users\Lenka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\GetCoreTempInfoNET.dll
2013-07-24 12:17 - 2013-07-24 12:17 - 000014056 _____ () C:\Users\Lenka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\SystemInfo.dll
2015-03-24 18:01 - 2015-03-24 18:01 - 000192512 _____ () C:\Program Files\GIGABYTE\GIGABYTE OC_GURU II\GvVGAConfig.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF [1038]
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [210]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-667600844-4042081094-1971980655-1003\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-667600844-4042081094-1971980655-1003\...\mojebanka.cz -> hxxps://www.mojebanka.cz

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2018-08-14 09:55 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-667600844-4042081094-1971980655-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Lenka\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
DNS Servers: 84.16.110.129 - 84.16.96.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Network Server.lnk => C:\Windows\pss\Network Server.lnk.CommonStartup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: EA Core => "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Jing => C:\Program Files\TechSmith\Jing\Jing.exe
MSCONFIG\startupreg: LG LinkAir =>
MSCONFIG\startupreg: PeerBlock => C:\Program Files\PeerBlock\peerblock.exe
MSCONFIG\startupreg: PrintDisp => C:\Windows\system32\PrintDisp.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{34FA48E3-221B-43F2-96DB-1C76BD49E373}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{A11792C0-33A3-4503-9913-53FEC8283CFB}] => (Allow) svchost.exe
FirewallRules: [{D7FB2B27-1F73-4805-A9B4-5B4147E24642}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [{9FE753AB-0B41-4D34-990E-34B6687DC993}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{70B98C8C-5FB7-4AEE-96AE-33E4CFB60DDD}C:\soldat\soldat.exe] => (Block) C:\soldat\soldat.exe
FirewallRules: [UDP Query User{03416656-D69A-4C7E-88A7-01026E00E6E1}C:\soldat\soldat.exe] => (Block) C:\soldat\soldat.exe
FirewallRules: [TCP Query User{998D23E9-753D-4C4C-BAE0-A620C21622A1}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{548B2611-7051-41C5-84A3-D8BA3E00AE49}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{3C26F00E-D3A2-4C20-92CE-C222390E24A1}] => (Allow) LPort=5353
FirewallRules: [{7CB57855-D7A7-4A0D-9B2B-10F9B018B39F}] => (Allow) C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{83A844DF-C096-4493-A209-CCFF1B5AB5E2}] => (Allow) C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [TCP Query User{E77CA29F-05E9-478F-A116-B9D36A29FAAA}C:\windows\system32\dplaysvr.exe] => (Block) C:\windows\system32\dplaysvr.exe
FirewallRules: [UDP Query User{A337153F-4B8B-462A-8025-8937EED672DA}C:\windows\system32\dplaysvr.exe] => (Block) C:\windows\system32\dplaysvr.exe
FirewallRules: [TCP Query User{2951CFC0-B66D-4008-A9D0-7025DBC87E57}C:\program files\real\realplayer\realplay.exe] => (Allow) C:\program files\real\realplayer\realplay.exe
FirewallRules: [UDP Query User{F895B31F-AEEE-4F76-9259-F496471E713A}C:\program files\real\realplayer\realplay.exe] => (Allow) C:\program files\real\realplayer\realplay.exe
FirewallRules: [{3A6C41E5-1754-467A-9CFC-6DC3542D4A5B}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{38965A9E-0E5B-4CA5-B822-B8ECFFDFAB93}] => (Allow) svchost.exe
FirewallRules: [TCP Query User{4EDF9FF6-BB41-4128-AAA5-4AD9E251F752}C:\program files\windows sidebar\sidebar.exe] => (Block) C:\program files\windows sidebar\sidebar.exe
FirewallRules: [UDP Query User{B17F0A57-748D-4EBE-A3F5-5718C467BFCF}C:\program files\windows sidebar\sidebar.exe] => (Block) C:\program files\windows sidebar\sidebar.exe
FirewallRules: [{D9A3E14A-2A06-4EDC-BDB7-65E867EA9774}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{1EA0F088-74A8-4B0F-9551-A78D2E6C6221}] => (Allow) LPort=80
FirewallRules: [{D837335E-61E7-4DE0-BEA7-128BF318A3DC}] => (Allow) LPort=80
FirewallRules: [{08C8CC55-F2ED-4EE4-A1F6-90F197EB0561}] => (Allow) LPort=80
FirewallRules: [TCP Query User{B5A10A16-C594-42BC-8545-0D4AED9D0C86}C:\program files\ubisoft\assassin's creed brotherhood\acbspcrac.exe] => (Block) C:\program files\ubisoft\assassin's creed brotherhood\acbspcrac.exe
FirewallRules: [UDP Query User{EB03DCC9-AF40-4B35-B979-3AA7733EAD86}C:\program files\ubisoft\assassin's creed brotherhood\acbspcrac.exe] => (Block) C:\program files\ubisoft\assassin's creed brotherhood\acbspcrac.exe
FirewallRules: [TCP Query User{A6E97896-2040-4066-9075-A42C0D7122B1}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{B7C3668E-C35E-4CD7-B919-538C2943E75D}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{11784C61-F6A0-469A-88CE-1EF81AEEF4FE}C:\program files\artlantis studio 4\qtsocketserver.exe] => (Block) C:\program files\artlantis studio 4\qtsocketserver.exe
FirewallRules: [UDP Query User{EBFE8382-1CB6-4136-B8C2-7B52B983A50D}C:\program files\artlantis studio 4\qtsocketserver.exe] => (Block) C:\program files\artlantis studio 4\qtsocketserver.exe
FirewallRules: [{4C774998-07B5-4ABF-99E0-D47695582FEC}] => (Allow) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{5299E02B-3436-44CE-B749-280D9B78A311}C:\users\pája\appdata\roaming\icq\application\icq7.7\icq.exe] => (Block) C:\users\pája\appdata\roaming\icq\application\icq7.7\icq.exe
FirewallRules: [UDP Query User{AE4F4F71-59E8-46EC-8FC7-86A608F40816}C:\users\pája\appdata\roaming\icq\application\icq7.7\icq.exe] => (Block) C:\users\pája\appdata\roaming\icq\application\icq7.7\icq.exe
FirewallRules: [TCP Query User{0B881D21-3742-4E92-A609-A0AB980E46B4}C:\users\taťka\appdata\roaming\icq\application\icq7.7\icq.exe] => (Block) C:\users\taťka\appdata\roaming\icq\application\icq7.7\icq.exe
FirewallRules: [UDP Query User{35B2CCE9-D6BA-4FFF-BC79-3D09CCB892FB}C:\users\taťka\appdata\roaming\icq\application\icq7.7\icq.exe] => (Block) C:\users\taťka\appdata\roaming\icq\application\icq7.7\icq.exe
FirewallRules: [TCP Query User{5E39A2B0-78E9-4E30-BC6B-AA40D4E7AF5D}C:\users\taťka\downloads\chmatakov15.exe] => (Block) C:\users\taťka\downloads\chmatakov15.exe
FirewallRules: [UDP Query User{DBC2F8CD-ED10-4E1C-9531-D6CD4C4969B0}C:\users\taťka\downloads\chmatakov15.exe] => (Block) C:\users\taťka\downloads\chmatakov15.exe
FirewallRules: [TCP Query User{7056CD2B-97DF-4D11-8921-56A11531A3F7}C:\users\taťka\downloads\chmatakov15 (1).exe] => (Block) C:\users\taťka\downloads\chmatakov15 (1).exe
FirewallRules: [UDP Query User{449D244C-8A52-436B-BCC7-4F705294C72D}C:\users\taťka\downloads\chmatakov15 (1).exe] => (Block) C:\users\taťka\downloads\chmatakov15 (1).exe
FirewallRules: [TCP Query User{CF359088-C210-410D-A536-D4311DFE89FF}C:\users\taťka\downloads\chmatakov15 (2).exe] => (Block) C:\users\taťka\downloads\chmatakov15 (2).exe
FirewallRules: [UDP Query User{06AD578A-E3FC-4B8C-B7C9-42DB03A8B854}C:\users\taťka\downloads\chmatakov15 (2).exe] => (Block) C:\users\taťka\downloads\chmatakov15 (2).exe
FirewallRules: [TCP Query User{ABFB4F4E-DD14-4373-B6BC-54842053F4B0}C:\users\taťka\downloads\chmatakov15 (3).exe] => (Block) C:\users\taťka\downloads\chmatakov15 (3).exe
FirewallRules: [UDP Query User{D469467B-6BAA-4AB1-BCB1-10E47FF177E4}C:\users\taťka\downloads\chmatakov15 (3).exe] => (Block) C:\users\taťka\downloads\chmatakov15 (3).exe
FirewallRules: [TCP Query User{A635540A-7FFB-4CE8-85AF-980CF8156EBF}C:\users\taťka\downloads\chmatakov15 (4).exe] => (Block) C:\users\taťka\downloads\chmatakov15 (4).exe
FirewallRules: [UDP Query User{EB6A5648-5B0D-4AAF-A30F-D773EFCC70E1}C:\users\taťka\downloads\chmatakov15 (4).exe] => (Block) C:\users\taťka\downloads\chmatakov15 (4).exe
FirewallRules: [{DB43424C-4261-42D0-B14F-AD09308DBD73}] => (Allow) C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe
FirewallRules: [{12DF331E-B9AD-49F7-8E9C-ABA8E352BE77}] => (Allow) C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe
FirewallRules: [{45320810-99AB-48F9-8679-88CD04232B7D}] => (Allow) C:\Users\Lenka\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CF1E3EF3-CE42-4839-ACEE-0D29E1F07540}] => (Allow) C:\Users\Lenka\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4933CD35-B2B8-4635-ACF7-495F6E3EF057}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{AA7E3CF1-7322-4546-929C-60D54296D2C5}] => (Allow) LPort=2869
FirewallRules: [{F4F76DF5-44AC-406B-83C8-2D6B17DAA62B}] => (Allow) LPort=1900
FirewallRules: [{2828FC58-FBB1-4BDC-AF7B-B03579A0B731}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [{4922C4DD-BE28-4CB8-9AA4-5BE282D88DB6}] => (Allow) C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{123F96C7-BA24-4F32-909C-9C8F20692A62}] => (Allow) C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{1922C4BC-2844-4ED2-A398-B446E81CABC7}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 16\ArchiCAD.exe
FirewallRules: [{100FADD6-609B-4F19-B0EB-D1ED6A432AB2}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 16\ArchiCAD.exe
FirewallRules: [{D5D61E17-9069-4BF0-9B21-7FC3C9100B5E}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 16\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [{2A519E14-6107-4D14-8460-103B4B41FA98}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 16\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [{6FE762D8-1EB2-49B7-AB3A-B92A94EF92A6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BD63E2EE-76CD-471F-B3FF-B07E3C9B11DA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{47419641-A674-4904-899F-A6F9D1D71516}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{655A92CE-10DF-4882-B3FE-269029C98A9E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BE6ECEB8-FAC0-4B6D-8674-B347B5D4D9CD}] => (Allow) C:\Program Files\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{7E315FAA-A11E-4264-848D-85972A2C248E}] => (Allow) C:\Program Files\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{B721260E-7C04-4A5E-8DD4-E3E0ABF09A53}] => (Allow) C:\Program Files\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{C8DC1BFE-67F7-452E-9B5E-0D36266CACA1}] => (Allow) C:\Program Files\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{11F30A5F-01EB-4D9C-AA02-2FAB43A1B63A}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{EC2E528C-C0D8-4B90-88C0-04EBCC8A1E13}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{D9230549-41CE-4B26-A53A-5B98F315EBF4}C:\soldat\soldat.exe] => (Block) C:\soldat\soldat.exe
FirewallRules: [UDP Query User{D908AD2E-A2FE-4F95-9A49-9C05A3F51A01}C:\soldat\soldat.exe] => (Block) C:\soldat\soldat.exe
FirewallRules: [{4B35CF47-B7FB-4C66-80AC-E760400A38A3}] => (Allow) C:\Program Files\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{E2A9AE0C-9E30-4B2C-943E-8E42DDE77807}] => (Allow) C:\Program Files\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{831DFDA0-4691-44CF-80DD-240D79B1C056}] => (Allow) C:\Program Files\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{12B422F1-593D-41BE-AEB6-EBB6DB5C89FB}] => (Allow) C:\Program Files\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{2129FF60-FA05-4E4C-A67D-82E50632A2EB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{3F1160D2-0ED4-483A-9823-4D29D8EEF628}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe

==================== Restore Points =========================

16-03-2018 15:12:51 Windows Update
03-04-2018 18:47:33 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
14-04-2018 11:12:00 Windows Update
19-04-2018 18:30:40 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
25-05-2018 14:43:37 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
26-07-2018 15:19:37 Installed GIGABYTE OC_GURU II
26-07-2018 15:29:12 Instalace balíčku ovladače zařízení: NVIDIA Grafické adaptéry
26-07-2018 15:31:53 Instalace balíčku ovladače zařízení: NVIDIA Corporation Řadiče zvuku, videa a her
26-07-2018 15:32:20 Instalace balíčku ovladače zařízení: NVIDIA Řadiče USB (Universal Serial Bus)
26-07-2018 15:32:56 Odebráno: NVIDIA PhysX
26-07-2018 16:39:47 Instalace balíčku ovladače zařízení: NVIDIA Grafické adaptéry
26-07-2018 16:43:42 Instalace balíčku ovladače zařízení: NVIDIA Corporation Řadiče zvuku, videa a her
26-07-2018 16:44:08 Instalace balíčku ovladače zařízení: NVIDIA Řadiče USB (Universal Serial Bus)
29-07-2018 14:10:52 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
05-08-2018 11:38:42 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
10-08-2018 11:48:30 Windows Update
10-08-2018 14:00:00 Installed Epic Games Launcher
13-08-2018 08:44:59 Removed BlueStacks Notification Center
13-08-2018 08:58:28 Removed BlueStacks Notification Center
14-08-2018 09:53:46 Restore Point Created by FRST
15-08-2018 10:27:44 Removed pdfforge Toolbar v9.6.
15-08-2018 10:30:11 Removed pdfforge Toolbar v9.6.
15-08-2018 10:31:16 Removed SweetIM for Messenger 3.0
15-08-2018 10:32:30 Removed SweetIM for Messenger 3.0

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/16/2018 07:08:35 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Selhalo generování kontextu aktivace pro: C:\Program Files\Windows Live\Messenger\msnmsgr.exe. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti jsou:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.manifest.

Error: (08/16/2018 07:08:35 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Selhalo generování kontextu aktivace pro: C:\Program Files\Windows Live\Messenger\msnmsgr.exe. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti jsou:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.manifest.

Error: (08/16/2018 07:08:05 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Službu nelze spustit. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: Operace byla dokončena úspěšně
--- Konec trasování zásobníku pro vnitřní výjimku ---
v BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (08/15/2018 10:34:27 AM) (Source: MsiInstaller) (EventID: 11316) (User: NasPC)
Description: Product: SweetIM for Messenger 3.0 -- Error 1316.Zadaný účet již existuje.

Error: (08/15/2018 10:34:05 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Selhalo generování kontextu aktivace pro: C:\Program Files\Windows Live\Messenger\msnmsgr.exe. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti jsou:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.manifest.

Error: (08/15/2018 10:34:05 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Selhalo generování kontextu aktivace pro: C:\Program Files\Windows Live\Messenger\msnmsgr.exe. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti jsou:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.manifest.

Error: (08/15/2018 10:32:20 AM) (Source: MsiInstaller) (EventID: 11316) (User: NasPC)
Description: Product: SweetIM for Messenger 3.0 -- Error 1316.Zadaný účet již existuje.

Error: (08/15/2018 10:31:02 AM) (Source: MsiInstaller) (EventID: 10005) (User: NasPC)
Description: Product: pdfforge Toolbar v9.6 -- Error 2738.Could not access VBScript run time for custom action .


System errors:
=============
Error: (08/16/2018 07:08:15 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
i8042prt

Error: (08/16/2018 07:08:15 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba BlueStacks Android Service byla ukončena s následující chybou:
Při obsluze řídicí žádosti došlo ve službě k výjimce.

Error: (08/15/2018 10:21:56 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
i8042prt

Error: (08/15/2018 10:21:56 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba BlueStacks Android Service byla ukončena s následující chybou:
Při obsluze řídicí žádosti došlo ve službě k výjimce.

Error: (08/14/2018 03:22:07 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby AntiVirSchedulerService bylo dosaženo časového limitu (30000 ms).

Error: (08/14/2018 10:05:03 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
i8042prt

Error: (08/14/2018 10:05:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba BlueStacks Android Service byla ukončena s následující chybou:
Při obsluze řídicí žádosti došlo ve službě k výjimce.

Error: (08/14/2018 09:53:43 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.


CodeIntegrity:
===================================

Date: 2017-08-31 14:02:48.441
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-31 14:02:48.195
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-31 14:02:47.953
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-31 14:02:47.702
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-31 14:02:47.387
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MBAMChameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-31 14:02:47.144
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MBAMChameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-31 14:02:46.900
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MBAMChameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-31 14:02:46.651
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MBAMChameleon.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 39%
Total physical RAM: 3581.58 MB
Available physical RAM: 2171.16 MB
Total Virtual: 7400.11 MB
Available Virtual: 6025.69 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:596.17 GB) (Free:125.25 GB) NTFS ==>[drive with boot components (obtained from BCD)]


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596.2 GB) (Disk ID: 13BDEB28)
Partition 1: (Active) - (Size=596.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Check

#12 Post by Conder »

:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:


    Start
    CloseProcesses:
    CreateRestorePoint:
    
    File: C:\Program Files\Avira\AntiVir Desktop\sched.exe
    File: C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    File: C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
    File: C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    File: C:\Windows\system32\PrintCtrl.exe
    Folder: C:\Users\Petra\Desktop
    
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AA47ABA7-4F91-4B66-A03D-47CB1552F5E6}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F81415D2-CEC9-4F96-9ABA-B2CC5382A930}
    
    C:\Program Files\pdfforge Toolbar
    C:\Program Files\SweetIM
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, a file named Fixlog.txt will be on the desktop; copy its contents here
Graduate of the school for beginners :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data (documents, photos and others) backed up.

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

nysa
Visitor
Posts: 23
Joined: 16 Sep 2014 16:21

Re: Check

#13 Post by nysa »

fixlog
Attachments
Fixlog.rar
(182.82 KiB) Downloaded 60 times

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Check

#14 Post by Conder »

:arrow: It looks OK now. Are there still any problems with the PC?

:arrow: Move all files and folders from the desktop to Documents and leave only links/shortcuts on the desktop. Too large a desktop can slow the system down.

nysa
Visitor
Posts: 23
Joined: 16 Sep 2014 16:21

Re: Check

#15 Post by nysa »

No problems, thank you.
