Prosim o preventivku

Zpráva

honzahelios · #1 Příspěvek od **honzahelios** » 09 lis 2018 20:17

Ahoj, prosim o preventivni kontrolu. Nize prikladam pozadovane logy z FRST.

Diky, Honza

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08.11.2018
Ran by Honza (administrator) on HONZA (09-11-2018 20:10:24)
Running from C:\Users\Honza\Downloads
Loaded Profiles: Honza (Available Profiles: Honza)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2808560 2014-06-24] (Synaptics Incorporated)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [216064 2014-01-06] (Realtek Semiconductor Corporation)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-09-16] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10842096 2014-09-16] (Lenovo(beijing) Limited)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmds.exe [177928 2018-11-05] (ESET)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [704424 2017-03-10] (Autodesk, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-06-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SafeQClient] => C:\Program Files (x86)\SafeQ\SafeQ_cli.exe [493568 2015-12-10] (VŠB-TU Ostrava)
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Honza\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Run: [Discord] => C:\Users\Honza\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Run: [ECigStats] => C:\Users\Honza\AppData\Roaming\ECigStats\ECigStats\ECigStats.exe [186504 2018-08-14] (Evolv LLC)
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Run: [Unified Remote V3] => "C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Run: [World of Tanks] => "C:\Games\World_of_Tanks2\WargamingGameUpdater.exe"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [568904 2016-12-02] (ZONER software)
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Run: [World of Tanks (1)] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net)
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Run: [World of Tanks (2)] => C:\Games\World_of_Tanks_CT\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net)
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Run: [Gaijin.Net Agent] => C:\Users\Honza\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2128968 2018-06-14] (Gaijin Entertainment)
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Run: [EpicGamesLauncher] => C:\Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32931728 2018-07-11] (Epic Games, Inc.)
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [7391816 2018-10-25] (GOG.com)
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Policies\Explorer: []
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2018-06-04]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2018-03-30]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Honza\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook)
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wifi.bat.lnk [2018-11-06]
ShortcutTarget: wifi.bat.lnk -> C:\Users\Honza\Desktop\wifi.bat ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 193.85.1.100 193.85.2.100 8.8.8.8 192.168.25.1
Tcpip\..\Interfaces\{132CB79F-EEF1-4C2E-9DD4-0107EB87815D}: [DhcpNameServer] 158.196.0.53 158.196.99.166
Tcpip\..\Interfaces\{845EC30C-296E-4BF0-A0F6-53BAEEA9E98F}: [DhcpNameServer] 193.85.1.100 193.85.2.100 8.8.8.8 192.168.25.1
Tcpip\..\Interfaces\{9BDAC3B3-23C4-462A-BB08-86CC464EEF52}: [DhcpNameServer] 10.13.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10444__181017
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2184128150-3763628530-3428707980-1002 -> DefaultScope {0F2B12EB-5226-4078-874C-AD603E3D4B25} URL =
SearchScopes: HKU\S-1-5-21-2184128150-3763628530-3428707980-1002 -> {0F2B12EB-5226-4078-874C-AD603E3D4B25} URL =
SearchScopes: HKU\S-1-5-21-2184128150-3763628530-3428707980-1002 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10444__181017&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-02-15] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-09-12] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 9a5gdns3.default
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\9a5gdns3.default [2018-11-03]
FF Homepage: Mozilla\Firefox\Profiles\9a5gdns3.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10444__181017
FF NewTab: Mozilla\Firefox\Profiles\9a5gdns3.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10444__181017
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\9a5gdns3.default\Extensions\cs@dictionaries.addons.mozilla.org [2017-02-18] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\9a5gdns3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-09-06]
FF SearchPlugin: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\9a5gdns3.default\searchplugins\securesearch.xml [2018-10-17]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-06] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-06] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-08-02] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2184128150-3763628530-3428707980-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Honza\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: Default -> chrome://apps/
CHR StartupUrls: Default -> "hxxp://fb.com/"
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Adaware Secure
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default [2018-11-09]
CHR Extension: (ProxFlow) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2018-09-14]
CHR Extension: (Dokumenty) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Disk Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-17]
CHR Extension: (YouTube) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-17]
CHR Extension: (Adblock Plus) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-11-02]
CHR Extension: (Adblock na Youtube™) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2018-09-27]
CHR Extension: (Black Theme - New Tab Page) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\cniaphkhbnolgdhijjmigdfeojkjenhk [2017-12-19]
CHR Extension: (Spotify - Music for every moment) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2017-11-17]
CHR Extension: (Tampermonkey) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-09-01]
CHR Extension: (Adobe Acrobat) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-09-01]
CHR Extension: (YouTube Dark Theme) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\icgoeaddhagkbjnnigiblfebijeinfme [2018-11-03]
CHR Extension: (The West - tw-db.info Cloth Calc [cz]) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\modoaojfncmlbbnfgmbjeklfkhjnhdob [2017-07-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Fullscreen Anything) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\olcfgpmjldkkjdclidhcbonieibfhhdh [2018-09-17]
CHR Extension: (The West - tw-db.info Cloth Calc [eng]) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfokggpnenjibdcfibokbhkbcheeloff [2017-10-26]
CHR Extension: (Gmail) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-17]
CHR Extension: (Chrome Media Router) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-17]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1309176 2017-03-10] (Autodesk Inc.)
S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-06-25] (Advanced Micro Devices, Inc.) [File not signed]
S4 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2017-04-24] (Advanced Micro Devices) [File not signed]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [84992 2014-01-22] () [File not signed]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2018-09-20] (EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2302152 2018-11-05] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2302152 2018-11-05] (ESET)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [706120 2018-10-25] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7112264 2018-10-02] (GOG.com)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
S2 KMSServerService; C:\windows\KMSServerService\KMS Server Service.exe [236032 2017-11-14] (My Digital Life Forums) [File not signed]
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
S4 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-16] (Lenovo(beijing) Limited)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6440736 2018-03-03] (Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S4 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [32384 2016-10-03] (The OpenVPN Project)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [743616 2015-12-02] (@ByELDI) [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [190704 2014-06-24] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\windows\system32\drivers\amdacpksd.sys [305544 2018-02-17] (Advanced Micro Devices)
S0 amdkmafd; C:\windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [88984 2018-02-17] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-12] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\windows\system32\drivers\AtihdWB6.sys [118848 2016-08-09] (Advanced Micro Devices)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-01-09] (Bluestack System Inc. )
S3 cpuz143; C:\windows\temp\cpuz143\cpuz143_x64.sys [48960 2018-02-17] (CPUID)
S3 DESerialPort; C:\windows\system32\DRIVERS\DimensionSerialPort.sys [24576 2016-11-12] ()
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\windows\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\windows\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
R1 eamonm; C:\windows\System32\DRIVERS\eamonm.sys [143448 2018-11-05] (ESET)
S3 EasyAntiCheatSys; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys [863944 2018-07-14] (EasyAntiCheat Oy)
R0 edevmon; C:\windows\System32\DRIVERS\edevmon.sys [107896 2018-11-05] (ESET)
S0 eelam; C:\windows\System32\DRIVERS\eelam.sys [15872 2018-02-19] (ESET)
R1 ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [188832 2018-11-05] (ESET)
R1 epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [109864 2018-11-05] (ESET)
R3 frzway; C:\windows\system32\DRIVERS\frzway.sys [34552 2017-03-17] (The OpenVPN Project)
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-02-17] (REALiX(tm))
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S3 npf; C:\windows\System32\drivers\npf.sys [40464 2009-02-08] (CACE Technologies)
R3 RtkBtFilter; C:\windows\system32\DRIVERS\RtkBtfilter.sys [710656 2018-02-17] (Realtek Semiconductor Corporation)
R3 RTSUER; C:\windows\system32\Drivers\RtsUer.sys [420832 2018-02-17] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [3127552 2018-02-17] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\windows\system32\DRIVERS\rtwlane.sys [7682928 2018-02-17] (Realtek Semiconductor Corporation )
R3 taphss6; C:\windows\system32\DRIVERS\taphss6.sys [42064 2017-03-21] (Anchorfree Inc.)
S3 uvhid; C:\windows\System32\drivers\uvhid.sys [28128 2017-12-13] (Windows (R) Win 7 DDK provider)
S1 VBoxNetAdp; C:\windows\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-04-28] (Oracle Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
R1 ZAM; C:\windows\System32\drivers\zam64.sys [203680 2018-01-08] (Zemana Ltd.)
R1 ZAM_Guard; C:\windows\System32\drivers\zamguard64.sys [203680 2018-01-08] (Zemana Ltd.)
S2 APXACC; \SystemRoot\system32\DRIVERS\appexDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-09 20:10 - 2018-11-09 20:11 - 000024591 _____ C:\Users\Honza\Downloads\FRST.txt
2018-11-09 20:09 - 2018-11-09 20:10 - 000000000 ____D C:\FRST
2018-11-09 20:09 - 2018-11-09 20:09 - 002415616 _____ (Farbar) C:\Users\Honza\Downloads\FRST64.exe
2018-11-08 22:20 - 2018-11-08 22:20 - 000197189 _____ C:\Users\Honza\Downloads\Volvo_FH16_1500HP_Engine_by_Darken-B.rar
2018-11-05 16:44 - 2018-11-05 17:02 - 000000146 _____ C:\Users\Honza\Desktop\wifi.bat
2018-11-05 12:01 - 2018-11-05 12:01 - 003243266 _____ C:\Users\Honza\Downloads\TL-WR841N-V10-stripped.zip
2018-11-04 22:29 - 2018-11-08 13:40 - 000000842 _____ C:\windows\system32\Drivers\etc\hosts.ics
2018-11-04 16:54 - 2018-11-04 16:54 - 000353316 _____ C:\Users\Honza\Downloads\Sitovy_rozbor_kameniva.pdf
2018-11-03 18:43 - 2018-11-03 18:43 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-11-03 18:43 - 2018-11-03 18:43 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies
2018-11-03 18:21 - 2018-11-03 18:21 - 000000222 _____ C:\Users\Honza\Desktop\Rocket League.url
2018-11-03 17:14 - 2018-11-03 17:14 - 000000222 _____ C:\Users\Honza\Desktop\GRID Autosport.url
2018-11-02 21:04 - 2018-11-02 21:04 - 000000000 ____D C:\Program Files (x86)\Destiny 2
2018-11-02 14:24 - 2018-11-02 14:24 - 000000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller
2018-11-02 14:24 - 2018-11-02 14:24 - 000000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdate
2018-11-02 09:32 - 2018-11-02 09:32 - 000466456 _____ (Creative Labs) C:\windows\system32\wrap_oal.dll
2018-11-02 09:32 - 2018-11-02 09:32 - 000444952 _____ (Creative Labs) C:\windows\SysWOW64\wrap_oal.dll
2018-11-02 09:32 - 2018-11-02 09:32 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\windows\system32\OpenAL32.dll
2018-11-02 09:32 - 2018-11-02 09:32 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\windows\SysWOW64\OpenAL32.dll
2018-11-02 09:32 - 2018-11-02 09:32 - 000000000 ____D C:\Program Files (x86)\OpenAL
2018-11-02 09:31 - 2018-11-03 20:06 - 000000000 ____D C:\Users\Honza\AppData\Roaming\SpinTires
2018-11-02 08:52 - 2018-11-02 08:52 - 000000222 _____ C:\Users\Honza\Desktop\F1 2015.url
2018-11-02 08:51 - 2018-11-02 08:51 - 000000222 _____ C:\Users\Honza\Desktop\Spintires.url
2018-11-02 00:33 - 2018-11-02 00:33 - 000000222 _____ C:\Users\Honza\Desktop\DiRT 3 Complete Edition.url
2018-10-31 22:36 - 2018-11-01 14:14 - 000000000 ____D C:\Users\Honza\Documents\ETS2MP
2018-10-31 19:38 - 2018-10-31 19:38 - 000667351 _____ C:\Users\Honza\Downloads\launcher_1004.zip
2018-10-30 11:18 - 2018-10-30 11:18 - 000000000 ____D C:\Program Files\XING
2018-10-30 11:18 - 2018-10-30 11:18 - 000000000 ____D C:\Program Files (x86)\XING
2018-10-29 18:09 - 2018-11-02 09:54 - 000000000 ____D C:\ProgramData\Codemasters
2018-10-29 17:18 - 2018-10-29 17:18 - 000000222 _____ C:\Users\Honza\Desktop\DiRT Rally.url
2018-10-27 18:07 - 2018-10-27 18:07 - 000006322 _____ C:\Users\Honza\Desktop\HEL0075.xlsx
2018-10-24 09:36 - 2018-10-24 09:36 - 000016229 _____ C:\Users\Honza\Downloads\stipendia.pdf
2018-10-22 15:02 - 2018-10-22 15:04 - 000000000 ____D C:\Users\Honza\AppData\Roaming\SCP Secret Laboratory
2018-10-22 15:02 - 2018-10-22 15:02 - 000000000 ____D C:\Users\Honza\AppData\LocalLow\Hubert Moszka
2018-10-21 10:33 - 2018-10-21 10:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossout
2018-10-20 21:24 - 2018-10-20 21:37 - 000009211 _____ C:\Users\Honza\Desktop\set.xlsx
2018-10-20 15:27 - 2018-10-20 15:27 - 000039588 _____ C:\Users\Honza\Downloads\Funkce-HEL0075.xlsx
2018-10-18 13:03 - 2018-10-18 13:03 - 000000000 ____D C:\Users\Honza\AppData\Local\The Witcher
2018-10-18 12:55 - 2018-10-18 12:55 - 000000000 ____D C:\Users\Honza\Documents\The Witcher
2018-10-18 12:55 - 2018-10-18 12:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher Enhanced Edition [GOG.com]
2018-10-18 12:54 - 2018-10-18 12:55 - 000001613 _____ C:\Users\Public\Desktop\The Witcher Enhanced Edition Director's Cut.lnk
2018-10-18 12:54 - 2018-10-18 12:55 - 000000000 ____D C:\Users\Public\Documents\The Witcher
2018-10-18 12:31 - 2018-10-18 12:31 - 000001068 _____ C:\Users\Public\Desktop\GOG Galaxy.lnk
2018-10-18 12:31 - 2018-10-18 12:31 - 000000000 ____D C:\Users\Honza\AppData\Local\GOG.com
2018-10-18 12:31 - 2018-10-18 12:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2018-10-18 12:30 - 2018-10-25 08:18 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2018-10-18 12:30 - 2018-10-18 12:30 - 000000000 ____D C:\ProgramData\GOG.com
2018-10-17 20:42 - 2018-10-18 08:57 - 000000000 ____D C:\Users\Honza\AppData\LocalLow\Heroes and Generals
2018-10-17 20:42 - 2018-10-17 20:42 - 000000000 ____D C:\Users\Honza\AppData\Roaming\HeroesAndGeneralsDesktop
2018-10-17 19:56 - 2018-10-17 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2018-10-17 19:55 - 2018-10-17 19:55 - 000000000 ____D C:\Users\Honza\AppData\Roaming\Lavasoft
2018-10-17 19:55 - 2018-10-17 19:55 - 000000000 ____D C:\Users\Honza\AppData\Local\Lavasoft
2018-10-17 19:55 - 2018-10-17 19:55 - 000000000 ____D C:\ProgramData\Lavasoft
2018-10-17 19:55 - 2018-10-17 19:55 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2018-10-17 15:38 - 2018-10-17 15:38 - 128392363 _____ C:\Users\Honza\Downloads\drive-download-20181017T143817Z-001.zip
2018-10-17 15:36 - 2018-10-17 15:36 - 118876921 _____ C:\Users\Honza\Downloads\drive-download-20181017T143602Z-001.zip
2018-10-16 17:21 - 2018-10-16 17:21 - 000001089 _____ C:\Users\Honza\Desktop\Výukový program deskriptivní geometrie.lnk
2018-10-16 17:21 - 2018-10-16 17:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Výukový program deskriptivní geometrie
2018-10-16 17:21 - 2018-10-16 17:21 - 000000000 ____D C:\Program Files (x86)\Výukový program deskriptivní geometrie
2018-10-15 10:29 - 2018-10-15 10:29 - 000000219 _____ C:\Users\Honza\Desktop\Left 4 Dead 2.url
2018-10-11 17:03 - 2018-10-11 17:51 - 000000600 _____ C:\Users\Honza\AppData\Local\PUTTY.RND
2018-10-11 16:57 - 2018-10-11 16:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)
2018-10-11 16:57 - 2018-10-11 16:57 - 000000000 ____D C:\Program Files\PuTTY
2018-10-11 16:24 - 2018-10-11 22:08 - 000000600 _____ C:\Users\Honza\AppData\Roaming\winscp.rnd
2018-10-11 16:03 - 2018-11-05 12:14 - 000000000 ____D C:\Users\Honza\Documents\Arouter
2018-10-11 13:19 - 2018-10-11 13:19 - 000043872 _____ (Connectify) C:\windows\system32\Drivers\cnnctfy3.sys
2018-10-11 13:19 - 2018-10-11 13:19 - 000036736 _____ (Connectify) C:\windows\system32\Drivers\cfywlan1.sys
2018-10-10 19:22 - 2018-10-10 19:22 - 000000022 _____ C:\windows\system32\stats_backup.csv
2018-10-10 19:22 - 2018-10-10 19:22 - 000000022 _____ C:\windows\system32\stats.csv
2018-10-10 14:15 - 2018-09-18 06:52 - 025735168 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2018-10-10 14:15 - 2018-09-18 06:25 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2018-10-10 14:15 - 2018-09-18 06:14 - 005779456 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2018-10-10 14:15 - 2018-09-18 06:14 - 000794624 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2018-10-10 14:15 - 2018-09-18 05:49 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2018-10-10 14:15 - 2018-09-18 05:42 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2018-10-10 14:15 - 2018-09-18 05:39 - 015283712 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2018-10-10 14:15 - 2018-09-18 05:35 - 004510720 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2018-10-10 14:15 - 2018-09-18 05:33 - 020278784 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2018-10-10 14:15 - 2018-09-18 05:23 - 001555968 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2018-10-10 14:15 - 2018-09-18 05:21 - 000497664 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2018-10-10 14:15 - 2018-09-18 05:13 - 000662016 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2018-10-10 14:15 - 2018-09-18 04:57 - 004494848 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2018-10-10 14:15 - 2018-09-18 04:55 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2018-10-10 14:15 - 2018-09-18 04:53 - 013679616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2018-10-10 14:15 - 2018-09-18 04:51 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2018-10-10 14:15 - 2018-09-18 04:37 - 004037632 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2018-10-10 14:15 - 2018-09-18 04:34 - 001330176 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2018-10-10 14:15 - 2018-08-26 04:13 - 015441920 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2018-10-10 14:15 - 2018-08-26 04:08 - 013321728 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2018-10-10 14:15 - 2018-08-14 20:04 - 004171264 _____ (Gracenote, Inc.) C:\windows\SysWOW64\gnsdk_fp.dll
2018-10-10 14:15 - 2018-08-09 14:16 - 004876800 _____ (Gracenote, Inc.) C:\windows\system32\gnsdk_fp.dll
2018-10-10 14:14 - 2018-09-18 05:10 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2018-10-10 14:14 - 2018-09-18 04:31 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2018-10-10 14:14 - 2018-09-18 01:26 - 000343552 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd3x40.dll
2018-10-10 14:14 - 2018-09-11 17:38 - 004168704 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2018-10-10 14:14 - 2018-09-08 21:53 - 002532552 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2018-10-10 14:14 - 2018-09-08 19:40 - 007372224 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2018-10-10 14:14 - 2018-09-08 19:40 - 002014136 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2018-10-10 14:14 - 2018-09-08 19:33 - 001368776 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2018-10-10 14:14 - 2018-09-08 19:22 - 001737696 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2018-10-10 14:14 - 2018-09-08 19:22 - 001676152 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2018-10-10 14:14 - 2018-09-08 19:22 - 001536216 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2018-10-10 14:14 - 2018-09-08 19:22 - 001500528 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2018-10-10 14:14 - 2018-09-08 19:22 - 001371448 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2018-10-10 14:14 - 2018-09-08 18:58 - 001902936 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2018-10-10 14:14 - 2018-09-08 16:43 - 001085440 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2018-10-10 14:14 - 2018-09-08 03:12 - 001549040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2018-10-10 14:14 - 2018-09-08 03:12 - 000388336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2018-10-10 14:14 - 2018-09-07 18:39 - 002902528 _____ (Microsoft Corporation) C:\windows\system32\themeui.dll
2018-10-10 14:14 - 2018-09-07 17:51 - 002849280 _____ (Microsoft Corporation) C:\windows\SysWOW64\themeui.dll
2018-10-10 14:14 - 2018-09-01 17:43 - 000401920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2018-10-10 14:14 - 2018-08-29 14:51 - 002451800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2018-10-10 14:14 - 2018-08-26 05:07 - 000004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2018-10-10 14:14 - 2018-08-26 05:07 - 000004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2018-10-10 14:14 - 2018-08-12 21:25 - 000149632 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2018-10-10 14:14 - 2018-08-12 18:07 - 000179200 _____ (Microsoft Corporation) C:\windows\system32\itss.dll
2018-10-10 14:14 - 2018-08-12 17:32 - 000151040 _____ (Microsoft Corporation) C:\windows\SysWOW64\itss.dll
2018-10-10 14:14 - 2018-08-12 15:21 - 001633008 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-09 20:11 - 2018-01-08 18:46 - 000518165 _____ C:\windows\ZAM.krnl.trace
2018-11-09 20:11 - 2018-01-08 18:46 - 000505212 _____ C:\windows\ZAM_Guard.krnl.trace
2018-11-09 16:58 - 2016-11-03 16:45 - 000000000 ____D C:\Program Files (x86)\Steam
2018-11-09 16:21 - 2016-10-27 20:39 - 000003958 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{49DE0708-712F-4003-B15C-6CC13528C5BD}
2018-11-09 16:19 - 2016-10-27 20:36 - 000000000 __RDO C:\Users\Honza\OneDrive
2018-11-09 12:29 - 2016-10-27 20:28 - 000000000 ____D C:\Users\Honza
2018-11-08 22:32 - 2017-07-03 13:56 - 000000000 ____D C:\Users\Honza\Documents\Euro Truck Simulator 2
2018-11-07 16:47 - 2014-09-16 03:42 - 000734510 _____ C:\windows\system32\perfh005.dat
2018-11-07 16:47 - 2014-09-16 03:42 - 000148820 _____ C:\windows\system32\perfc005.dat
2018-11-07 16:47 - 2014-03-18 10:53 - 001739092 _____ C:\windows\system32\PerfStringBackup.INI
2018-11-07 16:47 - 2013-08-22 14:36 - 000000000 ____D C:\windows\Inf
2018-11-07 16:43 - 2016-11-22 21:51 - 000000000 ____D C:\Users\Honza\AppData\Local\CrashDumps
2018-11-07 16:41 - 2013-08-22 15:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-11-07 16:40 - 2016-12-06 21:38 - 000000000 ____D C:\windows\Minidump
2018-11-07 16:40 - 2016-10-28 05:23 - 000146620 ____N C:\windows\Minidump\110718-41890-01.dmp
2018-11-07 16:36 - 2017-12-21 16:32 - 000004128 _____ C:\windows\System32\Tasks\CCleaner Update
2018-11-07 16:31 - 2016-10-28 05:23 - 000143036 ____N C:\windows\Minidump\110718-39156-01.dmp
2018-11-07 15:12 - 2016-11-22 16:10 - 003042816 ___SH C:\Users\Honza\Downloads\Thumbs.db
2018-11-06 22:33 - 2014-09-16 03:35 - 000065536 _____ C:\windows\system32\spu_storage.bin
2018-11-06 22:33 - 2013-08-22 16:36 - 000000000 ____D C:\windows\AppReadiness
2018-11-06 22:33 - 2013-08-22 14:25 - 000262144 ___SH C:\windows\system32\config\BBI
2018-11-05 17:12 - 2016-10-27 20:39 - 000003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2184128150-3763628530-3428707980-1002
2018-11-05 16:50 - 2018-07-12 13:22 - 000109864 _____ (ESET) C:\windows\system32\Drivers\epfwwfp.sys
2018-11-05 16:50 - 2016-10-13 15:39 - 000188832 _____ (ESET) C:\windows\system32\Drivers\ehdrv.sys
2018-11-05 16:49 - 2018-07-12 13:22 - 000107896 _____ (ESET) C:\windows\system32\Drivers\edevmon.sys
2018-11-05 16:49 - 2016-10-13 15:39 - 000143448 _____ (ESET) C:\windows\system32\Drivers\eamonm.sys
2018-11-05 15:57 - 2016-10-28 05:23 - 000146108 ____N C:\windows\Minidump\110518-35375-01.dmp
2018-11-05 12:37 - 2016-10-28 05:23 - 000142524 ____N C:\windows\Minidump\110518-36593-01.dmp
2018-11-05 12:20 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\NDF
2018-11-05 09:56 - 2016-10-28 05:23 - 000143092 ____N C:\windows\Minidump\110518-35312-01.dmp
2018-11-04 08:21 - 2016-11-27 17:30 - 000120320 ___SH C:\Users\Honza\Desktop\Thumbs.db
2018-11-03 18:43 - 2016-11-29 19:30 - 000000000 ____D C:\Users\Honza\Documents\My Games
2018-11-03 18:21 - 2016-11-03 16:58 - 000000000 ____D C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-11-03 12:56 - 2016-11-20 12:37 - 000000000 ____D C:\Users\Honza\AppData\LocalLow\Mozilla
2018-11-02 20:56 - 2018-01-12 14:48 - 000000000 ____D C:\Users\Honza\AppData\Local\Battle.net
2018-11-02 20:28 - 2016-12-10 14:30 - 000000000 ____D C:\Users\Honza\Documents\EA Games
2018-11-02 20:26 - 2018-01-12 14:45 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-11-02 20:24 - 2018-01-12 14:48 - 000000000 ____D C:\Users\Honza\AppData\Roaming\Battle.net
2018-11-02 14:26 - 2016-10-27 20:32 - 000000000 ____D C:\Users\Honza\AppData\Local\Packages
2018-11-02 14:26 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-02 14:24 - 2018-03-17 13:53 - 000000000 ____D C:\ProgramData\Samsung
2018-11-02 09:53 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-10-31 19:39 - 2017-07-23 20:21 - 000000000 ____D C:\ProgramData\TruckersMP
2018-10-31 19:38 - 2017-07-17 18:14 - 000000812 _____ C:\Users\Public\Desktop\TruckersMP.lnk
2018-10-31 19:38 - 2017-07-17 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP Launcher
2018-10-30 17:43 - 2016-12-13 21:14 - 000000000 ____D C:\Users\Honza\AppData\Local\Ubisoft Game Launcher
2018-10-30 12:32 - 2017-12-22 08:17 - 000000000 ____D C:\Users\Honza\Documents\ProfileCache
2018-10-30 12:31 - 2017-12-22 08:17 - 000000000 ____D C:\Users\Honza\Documents\The Crew
2018-10-30 11:18 - 2014-09-16 03:44 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-10-25 08:25 - 2017-06-17 13:50 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-24 00:29 - 2016-10-30 11:22 - 000000000 ____D C:\Users\Honza\AppData\Roaming\TS3Client
2018-10-22 15:09 - 2017-03-12 18:58 - 000000000 ____D C:\Users\Honza\AppData\LocalLow\Unity
2018-10-21 10:30 - 2016-10-27 20:39 - 000000000 __SHD C:\Users\Honza\AppData\LocalLow\EmieUserList
2018-10-21 10:30 - 2016-10-27 20:39 - 000000000 __SHD C:\Users\Honza\AppData\LocalLow\EmieSiteList
2018-10-20 15:04 - 2017-11-02 17:19 - 000000000 ____D C:\Users\Honza\AppData\Local\Microsoft Help
2018-10-19 07:58 - 2017-12-23 20:16 - 000627456 _____ C:\windows\system32\FNTCACHE.DAT
2018-10-17 19:50 - 2017-06-30 14:31 - 000000000 ____D C:\Users\Honza\AppData\Roaming\uTorrent
2018-10-13 12:24 - 2013-08-22 16:36 - 000000000 ____D C:\windows\rescache
2018-10-11 13:50 - 2018-03-19 15:41 - 004063744 _____ C:\Users\Honza\Desktop\TL-WR841Nv14_EU_0.9.1_4.16_up_boot[180319-rel57291].bin
2018-10-10 15:33 - 2013-08-22 16:20 - 000000000 ____D C:\windows\CbsTemp
2018-10-10 15:24 - 2017-11-14 19:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2018-10-10 15:22 - 2016-11-04 18:24 - 000000000 ____D C:\windows\system32\MRT
2018-10-10 15:13 - 2016-11-04 18:24 - 136745976 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-10-10 15:12 - 2013-08-22 14:25 - 000000202 _____ C:\windows\win.ini

==================== Files in the root of some directories =======

2017-09-28 15:12 - 2018-08-01 17:44 - 000000005 _____ () C:\Users\Honza\AppData\Roaming\.nfe_lock
2018-10-11 16:24 - 2018-10-11 22:08 - 000000600 _____ () C:\Users\Honza\AppData\Roaming\winscp.rnd
2016-10-27 20:32 - 2018-11-09 16:17 - 000602266 _____ () C:\Users\Honza\AppData\Local\BTServer.log
2018-10-11 17:03 - 2018-10-11 17:51 - 000000600 _____ () C:\Users\Honza\AppData\Local\PUTTY.RND
2018-07-19 14:44 - 2018-07-19 14:44 - 000007668 _____ () C:\Users\Honza\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-05 14:06

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08.11.2018
Ran by Honza (09-11-2018 20:13:11)
Running from C:\Users\Honza\Downloads
Windows 8.1 (Update) (X64) (2016-10-27 19:31:39)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2184128150-3763628530-3428707980-500 - Administrator - Disabled)
Guest (S-1-5-21-2184128150-3763628530-3428707980-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2184128150-3763628530-3428707980-1004 - Limited - Enabled)
Honza (S-1-5-21-2184128150-3763628530-3428707980-1002 - Administrator - Enabled) => C:\Users\Honza

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
ACA & MEP 2018 Object Enabler (HKLM\...\{28B89EEF-1004-0000-5102-CF3F3A09B77D}) (Version: 8.0.40.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-1001-0000-3102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
ACP Application (HKLM\...\{CAB783C3-6215-337D-AD99-F52274EFC2CC}) (Version: 2017.0424.2109.30 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20063 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
AutoCAD 2018 – Čeština (Czech) (HKLM\...\{28B89EEF-1001-0405-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 (HKLM\...\{28B89EEF-1001-0000-0102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 Language Pack – Čeština (Czech) (HKLM\...\{28B89EEF-1001-0405-1102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
Autodesk AutoCAD 2018 – Čeština (Czech) (HKLM\...\AutoCAD 2018 – Čeština (Czech)) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
Autodesk License Service (x64) - 5.1.4 (HKLM\...\{3609A8D9-FC0C-4C9B-9F58-0B1D1A4FE556}) (Version: 5.1.4.0 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
AVS Audio Editor 8.2.1 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 8.2.1.513 - Online Media Technologies Ltd.)
B109n-z (HKLM-x32\...\{D1B10CDC-8295-4DBB-B962-DD94D22131C2}) (Version: 140.0.851.000 - Hewlett-Packard) Hidden
Balíček ovladače systému Windows - Dimension Engineering USB Serial Converter (11/11/2016 1.0.3.21) (HKLM\...\377DE9679F7155ADE94AA4BCBF4CA02472B49707) (Version: 11/11/2016 1.0.3.21 - Dimension Engineering)
Balíček ovladače systému Windows - Dimension Engineering USB Serial Converter (11/12/2015 1.0.3.13) (HKLM\...\32A12E2F88EE40BDBADBB41ECCB8559DEE67F7A3) (Version: 11/12/2015 1.0.3.13 - Dimension Engineering)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Betternet for Windows (HKLM-x32\...\{2E77104D-96E1-4A9C-86F2-C7CF4C703900}) (Version: 3.9.0.0 - Betternet Technologies Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 3.55.70.1783 - BlueStack Systems, Inc.)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{5D77CB92-5713-F59F-F64C-4DD066D6CA99}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{4FE1ABF7-0EE5-FF79-CE50-6BC0C125E147}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{F6C0C5F8-2E59-8920-323C-40823C54F6E2}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{DEC9CFAB-F251-407A-F312-F8DFB0451FF4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{3024527B-D316-44C1-A5D5-E2163E3583D4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{78482405-18F4-0F13-F175-C23C30290DF5}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{F6983003-FDAF-040E-3CF1-CE1D7F74F509}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{1D7C9B51-E055-FC3A-D6DC-22F5153A7D7A}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{A533BAA8-E063-2F06-B990-F6B95FCABE94}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{390FBFCF-76EE-DABA-5053-E296AAEE75C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{13E39920-1A06-7E6C-4285-7DA8C0BF2A93}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{39E755D0-C657-A6FA-F11F-AAA4BF7BF958}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{B8445E38-BAF0-9C1F-0001-C32BDDF74AAF}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{90F1187C-B9C5-2105-CD02-8CBE149CA62A}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{30462FD8-AA9A-42C3-258E-F7F622244CE3}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{BB95E5DA-D642-1E55-1032-9A4CA2E961C3}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{E72E94E1-AE52-3C90-47AA-DFA76292888C}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{BCC1FBF8-AC72-A809-A864-DEEB5C8F765F}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{61AA8151-9134-9A8A-A569-CD676FEDE71F}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{F3E512BC-245B-1334-2EFE-69075A2CDA40}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{3CFB6419-D3E3-959A-6F30-116355075E47}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.50 - Conexant)
Counter-Strike 1.6 (HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Counter-Strike 1.6) (Version: - )
Counter-Strike 1.6 v43g (HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Counter-Strike 1.6_is1) (Version: - Valve)
CPUID HWMonitor 1.31 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Crossout Launcher 1.0.3.65 (HKLM-x32\...\CrossOutLauncher_is1) (Version: - )
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Discord (HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Discord) (Version: 0.0.301 - Discord Inc.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
ECigStats (HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\ECigStats) (Version: - Evolv)
EDITOR PACK for GTA IV (HKLM-x32\...\EDITOR PACK for GTA IV) (Version: - )
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.17 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.17 - Lenovo)
Epic Games Launcher (HKLM-x32\...\{B2FF9400-A012-44F7-99CE-37C216A6CD70}) (Version: 1.1.131.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EScribe Suite (HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\EScribe) (Version: - Evolv)
ESET Security (HKLM\...\{C26AA376-9D1B-4B7B-A1F0-DC41E8530176}) (Version: 11.2.49.0 - ESET, spol. s r.o.)
Facebook Gameroom 1.20.6618.42311 (HKLM-x32\...\{CF2C7CB9-1009-4EAA-9033-317F4C4C9DA2}) (Version: 1.20.6618.42311 - Facebook)
GeoGebra Classic (HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\GeoGebra_6) (Version: 6.0.498 - International GeoGebra Institute)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.77 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Grand Theft Auto IV version 1.0.7.0 (HKLM-x32\...\Grand Theft Auto IV_is1) (Version: 1.0.7.0 - Mr DJ)
Hama Racing Wheel Thunder V5 (HKLM-x32\...\{F1A994FF-DF9B-4937-9DB9-87EC4FF1B31F}) (Version: 1.00.0000 - XC)
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Wireless B109n-z All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{5B8D29B6-988A-4EFB-A577-CFA8968DD7D3}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Malwarebytes verze 3.4.4.2398 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.4.2398 - Malwarebytes)
MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 56.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 56.0 (x86 cs)) (Version: 56.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.0.6478 - Mozilla)
Mozilla Thunderbird 52.3.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 52.3.0 (x86 cs)) (Version: 52.3.0 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nero BurnLite 10 (HKLM-x32\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10600 - Nero AG)
Nero BurnLite 10 (HKLM-x32\...\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}) (Version: 10.0.10500.5.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.306.000 - Hewlett-Packard) Hidden
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{1D464EFF-EC8B-F225-2F74-F74143200DDF}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.3 (HKLM-x32\...\{7308600A-5231-459C-A3E2-A637F842CACA}) (Version: 4.13.9783 - Apache Software Foundation)
OpenVPN 2.3.12-I602 (HKLM-x32\...\OpenVPN) (Version: 2.3.12-I602 - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Overlook Fing (HKLM-x32\...\Overlook Fing 3.0) (Version: 3.0 - Overlook)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.5.154 - Autodesk)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
PS_AIO_06_B109n-z_SW_Min (HKLM-x32\...\{D5673351-2871-4041-8ABE-ACF876303DB0}) (Version: 140.0.863.000 - Hewlett-Packard) Hidden
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
QuickTransfer (HKLM-x32\...\{E517094C-06B6-419F-8FFD-EF4F57972130}) (Version: 140.0.98.000 - Hewlett-Packard) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.805.806.012214 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39058 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.30.0239 - REALTEK Semiconductor Corp.)
SafeQ (HKLM-x32\...\SafeQ) (Version: 0.9 - VŠB-TUO)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SmartPSS 1.16.1 (HKLM-x32\...\SmartPSS) (Version: 1.16.1 - )
SoftPerfect WiFi Guard version 2.0.1 (HKLM\...\{38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1) (Version: 2.0.1 - SoftPerfect)
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Speciální aplikace Autodesk 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Spotify) (Version: 1.0.67.582.g19436fa3 - Spotify AB)
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.76 - Synaptics Incorporated)
TeamSpeak 3 Client (HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft)
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\1207658924_is1) (Version: 2.1.0.15 - GOG.com)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0 release candidate 3 - Ghisler Software GmbH)
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
Unity Web Player (HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Update for Skype for Business 2015 (KB4461446) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BFBBF6D0-F140-40E9-B5AE-BDE708FC4817}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4461446) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{BFBBF6D0-F140-40E9-B5AE-BDE708FC4817}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4461446) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{BFBBF6D0-F140-40E9-B5AE-BDE708FC4817}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4461446) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BFBBF6D0-F140-40E9-B5AE-BDE708FC4817}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 26.1 - Ubisoft)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Výukový program deskriptivní geometrie 2.51 (HKLM-x32\...\Výukový program deskriptivní geometrie_is1) (Version: - Martin Hlaváč, Michal Křen, Krcha.com)
Web Companion (HKLM-x32\...\{f2bbb304-3d2f-4f8f-8797-3d08e213b462}) (Version: 4.3.1934.3766 - Lavasoft)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
winpcap-overlook 4.02 (HKLM-x32\...\winpcap-overlook) (Version: - )
World of Tanks - Common Test (HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812ct}_is1) (Version: - Wargaming.net)
World of Tanks (HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
Wotspeak ModPack 1.0.0 ver.2 version 1.0.0 (HKLM-x32\...\{JustDj-5BB6-48C0-B04A-8985E39DF495}_is1) (Version: 1.0.0 - JustDJ)
XVM verze 7.5.0 (HKLM-x32\...\{2865cd27-6b8b-4413-8272-cd968f316050}_is1) (Version: 7.5.0 - XVM team)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_EN_is1) (Version: 19.1612.2.11 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2184128150-3763628530-3428707980-1002_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2184128150-3763628530-3428707980-1002_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2184128150-3763628530-3428707980-1002_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\cs-CZ\acadficn.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-01-08] ()
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> No File
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2014-01-06] (Realtek Semiconductor Corporation)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-11-05] (ESET)
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2015-04-06] (Online Media Technologies Ltd.)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> No File
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-11-05] (ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
ContextMenuHandlers4: [000LenovoFoldersContextMenu] -> {D2DB7BAA-9E12-4640-825C-B1EB36A3809A} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-06-25] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-01-08] ()
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-11-05] (ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02711BAB-B4A1-4124-B79B-1B813A286BF1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd)
Task: {07E8819E-E6E1-437C-8124-E66C91574ADF} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {12E9410C-9AD6-44E6-BFA3-4312969AFCAC} - System32\Tasks\Driver Booster SkipUAC (Honza) => C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe
Task: {5715A2C3-A3CE-481B-A6A8-8A230E3CDFBE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-17] (Google Inc.)
Task: {58CC5F6C-4684-49A4-9E41-CEB01720982F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6C3689D1-7157-44BA-8315-058118BD3155} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {811BE05B-27B7-4CF0-9CED-851546290E20} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {A1219810-4B2C-4CD3-B73D-B9C8D1C9F267} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {A75B4222-473B-4EA9-91A5-877D141DC88B} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [2018-06-26] (BlueStack Systems, Inc.)
Task: {CF1B340E-5722-45A9-A9CA-20442D27D111} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-17] (Google Inc.)
Task: {D6B46D86-154C-4816-BA66-5557336F272B} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-06] (Adobe Systems Incorporated)
Task: {D86E2CBC-BEF4-4C1F-9D7D-C18CEB56ED27} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {DE010163-A0B0-4EC3-92CA-23353A0523AB} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-12-02] (@ByELDI)
Task: {DE145AF3-609B-4FE1-8CD8-B0E837B23937} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-22] ()
Task: {F0F2B127-04E7-453E-B029-7D1AB793000E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {F17AD1E3-7A62-42D5-B551-7845580E7321} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-10] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wifi.bat.lnk -> C:\Users\Honza\Desktop\wifi.bat ()

==================== Loaded Modules (Whitelisted) ==============

2016-09-28 03:53 - 2016-09-28 03:53 - 000031248 _____ () C:\windows\System32\ssm4mlm.dll
2014-09-16 03:45 - 2014-01-22 22:04 - 000084992 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2014-09-16 03:40 - 2010-10-26 21:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2018-10-25 08:25 - 2018-10-23 22:24 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libglesv2.dll
2018-10-25 08:25 - 2018-10-23 22:24 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libegl.dll
2016-11-03 16:48 - 2018-10-30 19:06 - 000879904 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-11-03 16:48 - 2016-09-01 02:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-11-03 16:48 - 2018-11-08 20:02 - 002649376 _____ () C:\Program Files (x86)\Steam\video.dll
2016-11-03 16:48 - 2016-09-01 02:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-11-03 16:48 - 2016-09-01 02:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-12-20 20:52 - 2017-12-20 02:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2017-12-20 20:52 - 2017-12-20 02:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2017-12-20 20:52 - 2017-12-20 02:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2017-12-20 20:52 - 2017-12-20 02:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2017-12-20 20:52 - 2017-12-20 02:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2016-11-03 16:48 - 2018-11-08 20:02 - 001028384 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-11-03 16:48 - 2016-07-04 23:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-07-03 13:21 - 2018-10-30 19:06 - 000879904 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2016-12-14 17:25 - 2018-09-23 01:00 - 088009504 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-07-23 16:52 - 2018-09-23 01:00 - 002264352 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libglesv2.dll
2017-07-23 16:52 - 2018-09-23 01:00 - 000124704 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Honza:Heroes & Generals [38]
AlternateDataStreams: C:\Users\Public\AppData:CSM [468]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\Software\Classes\.scr: AutoCADScriptFile => C:\windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Honza\Pictures\city.jpg
DNS Servers: 193.85.1.100 - 193.85.2.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdAppMgrSvc => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AdvancedSystemCareService11 => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\Services: amdacpusrsvc => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: FlexNet Licensing Service 64 => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Lenovo System Agent Service => 2
MSCONFIG\Services: LenovoWiFiHotspotSvr => 2
MSCONFIG\Services: MBAMService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: OpenVPNService => 3
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: ZAMSvc => 2
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "Energy Manager"
HKLM\...\StartupApproved\Run: => "OnekeyStudio"
HKLM\...\StartupApproved\Run: => "PhoneCompanion"
HKLM\...\StartupApproved\Run: => "Lenovo Utility"
HKLM\...\StartupApproved\Run: => "BtServer"
HKLM\...\StartupApproved\Run: => "RtsFT"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run: => "StartCN"
HKLM\...\StartupApproved\Run: => "ZAM"
HKLM\...\StartupApproved\Run: => "Connectify Hotspot"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "UpdateP2GShortCut"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "jswtrayutil"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SafeQClient"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\StartupFolder: => "wifi.bat.lnk"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "ECigStats"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "AppEx Accelerator UI"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "appnhost"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_7F5A1536901808934F0FA412D4DB0056"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "Unified Remote V3"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "Advanced SystemCare 11"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "World of Tanks (1)"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "World of Tanks (2)"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "Gaijin.Net Agent"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "GalaxyClient"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BBD2C209-51E7-4119-A865-769AE11B2B5A}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{9FA1355B-6DBD-4670-92E7-E0F513723925}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{60E95E4B-2DFB-4622-B49C-FCD1B29448DA}] => (Allow) LPort=55100
FirewallRules: [{A8B04957-D14A-4BA5-9B21-31818D7DF7C4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B7E60447-8791-4E0D-9C7D-8EF5ABC4026B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1CEEF794-5A8F-4FCC-ADA5-EF40ADDA9830}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{59A86934-5CFD-4C06-80FE-C6567EEDC40D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DB868EB1-DCDE-40B9-8F07-AF9DB02CAF4B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{32B65EFF-64A2-47ED-A518-1F1FCBE22C99}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{7C82F891-EC3B-4C69-8638-98D13B2B6267}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{296327DF-0870-4EC3-B291-362C5CEAFCD7}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{DEA3B0B6-7528-437A-9FE0-EE50F1070A13}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{2ED3114C-4699-45B8-810D-8DB44A22629E}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{0E6177D9-A4B2-4283-A034-AB3016233915}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{B73F02B3-8681-4C0F-B40C-9BCDF97F4352}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [TCP Query User{2EB906E2-2D98-4D78-BF71-42D65FBE3581}C:\games\cs\hl.exe] => (Block) C:\games\cs\hl.exe
FirewallRules: [UDP Query User{8F089A33-37C6-4A5C-9CF3-BE6BDD386442}C:\games\cs\hl.exe] => (Block) C:\games\cs\hl.exe
FirewallRules: [TCP Query User{6B874971-E65D-4F4F-82D4-0977FD170061}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe
FirewallRules: [UDP Query User{B7AF69FC-ACB8-428A-8582-1038ED940E2F}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe
FirewallRules: [TCP Query User{0F461336-1859-4AD5-A96D-F70DC63EF8FD}C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe
FirewallRules: [UDP Query User{CBDE5726-24A5-4978-86C1-1917219DDAC6}C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe
FirewallRules: [{F4CEFE05-E6C5-43DC-8ACE-24B78E795663}] => (Allow) C:\Games\World_of_Tanks2\WoTLauncher.exe
FirewallRules: [{61204EDB-C020-4BF2-B58A-2C3CC8A9A9C6}] => (Allow) C:\Games\World_of_Tanks2\WoTLauncher.exe
FirewallRules: [{C000C353-65F5-4FAB-9563-FE69F3A24C7F}] => (Allow) C:\Games\World_of_Tanks2\worldoftanks.exe
FirewallRules: [{03FC45FC-19ED-45E2-B05D-679CA2CC13D6}] => (Allow) C:\Games\World_of_Tanks2\worldoftanks.exe
FirewallRules: [TCP Query User{5EC3BFD0-2D26-4F36-B388-1CAE0BD8F519}C:\users\honza\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\honza\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{5E2AE32E-F046-4709-B519-5A7006E84C9A}C:\users\honza\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\honza\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{F78B971F-7773-453A-8160-98FA5A85AE31}] => (Allow) C:\Games\Mr DJ\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{A49674F4-9170-441C-97E5-A68AED39BFFD}] => (Allow) C:\Games\Mr DJ\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{8CF569D7-0182-4F29-9A4D-2EA9647CC8C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{4AAB58EA-74ED-42BF-A256-1D99C2C119BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{F3AC03D2-6DF5-41FC-9134-5074152DC1FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{85236B60-8510-4962-A039-442199B7E40B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [TCP Query User{D7BFF43D-BD68-4795-9F10-CC2414640172}C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe
FirewallRules: [UDP Query User{2749F24A-06F7-47E2-8237-DBA29AAA32A9}C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe
FirewallRules: [TCP Query User{BA6C6BCC-C510-42A3-BEB7-B43566B20FF6}C:\games\crossout\launcher.exe] => (Allow) C:\games\crossout\launcher.exe
FirewallRules: [UDP Query User{1E2E2326-5E13-44A2-9B05-949006991CBE}C:\games\crossout\launcher.exe] => (Allow) C:\games\crossout\launcher.exe
FirewallRules: [TCP Query User{86F34CB4-FECB-4E40-A031-36E1AA2EEDAB}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe
FirewallRules: [UDP Query User{D776594B-6AA1-46C5-BE02-415E5B39D000}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe
FirewallRules: [TCP Query User{E069136B-0A20-490D-A63D-2CA2C74E7D20}C:\users\honza\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\honza\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{FA7D6576-4778-4A5A-B0BB-00FF2F142B6D}C:\users\honza\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\honza\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{E224A3F9-A59F-4EE9-8BBD-98DF4FD29EC1}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe
FirewallRules: [UDP Query User{953092F8-5437-4FD6-BCC2-136287D6795B}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe
FirewallRules: [TCP Query User{CE139119-B1DE-4A1C-B138-A4A697210616}C:\users\honza\counter-strike 1.6\hl.exe] => (Allow) C:\users\honza\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{753B7056-FAF4-44B6-B612-6A16CD7D9F5E}C:\users\honza\counter-strike 1.6\hl.exe] => (Allow) C:\users\honza\counter-strike 1.6\hl.exe
FirewallRules: [TCP Query User{E75E1797-527F-49FC-8A69-3818D33DB791}C:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{F4BEC977-1312-4E67-8EC7-3A40C7A40B06}C:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{7C046CEF-46F1-46E1-A426-9D8FB9FAD081}C:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{F70FF5ED-66E9-4CB4-9B9E-EBBD6C2B0B2D}C:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{D0F74C65-226E-47FD-9EB8-3456A8941342}C:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{6F7EF6C4-DA26-407F-BB06-AA4CA5B237F4}C:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{09F51426-EE5C-462C-A19B-9F3D92286FC6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{7D19C1F4-7ADE-417C-9CEB-DCA3B8BB7270}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{9C778055-A069-4827-9265-465FAC482954}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{2A1048F7-D31E-4DB3-A23E-8424EB8E15D7}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{348FBA48-7C80-4F6C-A12B-E07712F00DEE}] => (Allow) C:\Games\FlightGear 2017.3.1\bin\fgfs.exe
FirewallRules: [{ECBDFFF8-9BD7-42B6-A8FB-B6980111E6B6}] => (Allow) C:\Games\FlightGear 2017.3.1\bin\fgcom.exe
FirewallRules: [TCP Query User{35478FD9-D4E5-48DD-943C-BEADB24F5899}C:\users\honza\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\honza\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{CEF18ECD-F8C2-4D25-BADC-D9578FD88C16}C:\users\honza\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\honza\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A5CC6CC7-84BD-49DF-A22D-276CF2B66B7B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{5B0B2DBE-3303-4562-8861-4FB7ED5B20C8}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{128A2ADB-E371-4EC1-8035-7132CDCFE290}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\gu.exe
FirewallRules: [{3DCED428-61B3-46CF-9A95-A5FC5492138C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\gu.exe
FirewallRules: [{B8B04EB8-530B-4F77-A9C1-F018BAE6F397}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe
FirewallRules: [{6418296C-B523-432B-BDFA-A96A27E7BA84}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe
FirewallRules: [{77830913-9B05-41EE-AD6B-AE3C8396CF9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{56754D44-FF9A-4D6F-A05F-EFAC45607689}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{228BD518-F2A1-46D2-9CE0-79E84DCC80DB}C:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{5F23E4AC-5778-4051-9466-117024D2B858}C:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{3016A83B-152B-4D2F-AA31-F83A2A50FC27}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{ABD5F771-77B2-4FDF-B5E7-190AC8BF0703}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [TCP Query User{CFF9E6BB-11FD-4232-A7AA-D87170FF0078}C:\program files (x86)\ubisoft\ubisoft game launcher\games\rayman origins\rayman origins.exe] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\games\rayman origins\rayman origins.exe
FirewallRules: [UDP Query User{0343F172-FC64-4E07-ACEC-4041DDD7C9C7}C:\program files (x86)\ubisoft\ubisoft game launcher\games\rayman origins\rayman origins.exe] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\games\rayman origins\rayman origins.exe
FirewallRules: [TCP Query User{94BCB6E5-1CE5-45A5-9ABF-206DBAC97764}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{D550CA8B-1B4D-44FB-BAF0-8D1ADDB54EA4}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{D412002E-3892-490E-862A-BAD92D50559B}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe
FirewallRules: [{6CC22497-8CE6-4DAA-94D6-1B2429A80B8C}] => (Allow) C:\Games\World_of_Tanks_enCore\WoTEnCoreLauncher.exe
FirewallRules: [{06DEE1FD-1421-43D9-A060-4A5E3B53931E}] => (Allow) C:\Games\World_of_Tanks_enCore\WoTEnCoreLauncher.exe
FirewallRules: [{1627776A-CE92-48AB-97FF-15F78E0F2DCB}] => (Allow) C:\Games\World_of_Tanks_enCore\WorldOfTanksEnCoreLauncher.exe
FirewallRules: [{F785E918-4166-4BFD-8062-182BA5BFE4D6}] => (Allow) C:\Games\World_of_Tanks_enCore\WorldOfTanksEnCoreLauncher.exe
FirewallRules: [{E6A29E7F-D505-4F74-BFD9-9E02BA2AD332}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{3E16D526-2143-431A-BBD4-03BCBC8E3A2C}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{A7DFB8EF-5C30-4820-9B4B-5D6E32811C7A}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{6AC77636-2939-4E9F-95D2-A634FAB4EE8A}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [TCP Query User{627A8A8F-F378-42C1-A721-CFA979165C17}C:\games\world_of_tanks_ct\wotlauncher.exe] => (Allow) C:\games\world_of_tanks_ct\wotlauncher.exe
FirewallRules: [UDP Query User{96C9F255-7EA0-4717-AD5F-0EA90E5F99C3}C:\games\world_of_tanks_ct\wotlauncher.exe] => (Allow) C:\games\world_of_tanks_ct\wotlauncher.exe
FirewallRules: [TCP Query User{E1F82066-3D44-4FB5-B1E7-EA34FED1321D}C:\games\warthunder\launcher.exe] => (Allow) C:\games\warthunder\launcher.exe
FirewallRules: [UDP Query User{4D9B3101-047A-459B-A0DF-66AF4C1027D1}C:\games\warthunder\launcher.exe] => (Allow) C:\games\warthunder\launcher.exe
FirewallRules: [TCP Query User{5E63376C-D9CA-425D-B86C-FEBB01833604}C:\games\warthunder\win64\aces.exe] => (Block) C:\games\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{A3554BE8-923A-4AA2-B1D1-D0B460AD5AFB}C:\games\warthunder\win64\aces.exe] => (Block) C:\games\warthunder\win64\aces.exe
FirewallRules: [{2F4BDB23-E8A8-429E-BB5D-6A299B08FB00}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{1AF74BA3-218F-487F-BD3B-23711B095E85}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{FD3B1D77-E067-4FEE-B2D1-2A349D80F427}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{460E61A4-8BC7-4C5B-A801-58BD62C9E103}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{5122514C-7E30-4781-B994-36C24B480F4E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{8B2D9AE6-5403-4A58-B1AC-F6358122344E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{1B0DE5DC-B375-4F54-90B4-60B0E8FAB1C6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{2AE7E8C2-9039-447A-9E5D-1BF21C98AE2D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{7D7E6AB5-4299-45FF-A277-A1A7B6C2EC43}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{A0DE5B94-7A7E-451D-998A-5D72A544D60C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{03B39BBC-808C-4FA8-BA57-8BD76DCEC535}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{D2F9DD2B-54EA-4E91-9201-2A592DCE791A}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [TCP Query User{A2A2F80F-310F-490C-B74C-3EECAC52E6C7}C:\games\crossout\launcher.exe] => (Allow) C:\games\crossout\launcher.exe
FirewallRules: [UDP Query User{303119D7-51DD-4FFC-BA97-904F5A32B2D4}C:\games\crossout\launcher.exe] => (Allow) C:\games\crossout\launcher.exe
FirewallRules: [TCP Query User{D43C0DE6-3B74-4500-893A-3F68A732A646}C:\games\world_of_tanks_ct\wotlauncher.exe] => (Allow) C:\games\world_of_tanks_ct\wotlauncher.exe
FirewallRules: [UDP Query User{74854D24-DC23-443F-9669-F1199D3D201E}C:\games\world_of_tanks_ct\wotlauncher.exe] => (Allow) C:\games\world_of_tanks_ct\wotlauncher.exe
FirewallRules: [TCP Query User{D177BD14-DEA5-441A-AE86-5C3E68E375BB}C:\games\world_of_tanks_ct\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_ct\worldoftanks.exe
FirewallRules: [UDP Query User{2D6F3EEA-F482-41C8-BC2E-F7227DD55685}C:\games\world_of_tanks_ct\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_ct\worldoftanks.exe
FirewallRules: [TCP Query User{1FDA0C67-39CE-44FC-B5B4-005C0752004B}C:\games\world_of_tanks_ct\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_ct\worldoftanks.exe
FirewallRules: [UDP Query User{F10FB1BE-7458-4191-A0D1-65A0E7DE98B1}C:\games\world_of_tanks_ct\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_ct\worldoftanks.exe
FirewallRules: [{71FAC694-9289-4633-9A9D-F112E22CB0F1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{1CBE3D0E-962C-4B7C-B5D9-94FCF9FF7796}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [TCP Query User{9E97F50E-81D0-4069-973C-0A970FE31BF5}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{DBC71F37-4564-4AD6-8401-151D09396406}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{8BCFDD9B-FED4-49EF-8FAA-766378E706A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{97784A4E-65B1-44E3-B20A-C42D96ADCB20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{71182090-727C-449D-8A44-99FC8E422D21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{11F3D933-061D-4963-941F-D2ADD1D26B3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{D04AF6C7-F39D-4F2F-A898-74C015778811}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{61FDC57E-572F-432D-924D-5B05C18A28FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{325F0F78-E880-4FC6-AB3E-DD590C9B63F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{5C60CC6D-98CB-4628-9952-503FFD00E863}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{F52BACF9-EF9F-4C6F-81A9-8E0CCC5738BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{B4AAAFCD-2811-440F-86A1-39842CD7B570}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{07A888EF-BA81-45E9-B2D7-BD0423F15F8F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{C5ED1159-F08F-4EEB-A860-169D932AC2C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [TCP Query User{20C9ECEC-7DF6-4B90-A662-73169F3A4C55}C:\users\honza\documents\arouter\tftpd64.exe] => (Allow) C:\users\honza\documents\arouter\tftpd64.exe
FirewallRules: [UDP Query User{4B51B67C-44D3-4E79-856D-D7803D1D1DAE}C:\users\honza\documents\arouter\tftpd64.exe] => (Allow) C:\users\honza\documents\arouter\tftpd64.exe
FirewallRules: [TCP Query User{6DBA0EE2-E07B-47E9-9C4F-FC2D9D58C360}C:\users\honza\documents\arouter\tftpd64.exe] => (Allow) C:\users\honza\documents\arouter\tftpd64.exe
FirewallRules: [UDP Query User{8C7F560A-4346-496A-8CD6-05BB5D8C1DC3}C:\users\honza\documents\arouter\tftpd64.exe] => (Allow) C:\users\honza\documents\arouter\tftpd64.exe
FirewallRules: [{FA05EC02-E888-4F3E-9F16-A0D9AB71A0DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{069D1F04-6639-41C7-8B4B-039C54E82D47}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{BFF11F0C-218B-483C-9823-E9EC878A7E56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{9712F1E9-7C00-445E-93CF-3E02A4DDCC2B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{48215A26-5257-4241-8592-2E6C6E0DA105}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{ACBFF162-D628-4A8E-9323-C7D4942BAD9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{B2D7E178-A2F6-4E56-8396-2AA5D5C7EBAF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{95CD16DC-3DDD-4849-81D4-357721AB4830}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{688B83C0-D00B-459F-A6C8-2F623D867092}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{52FD7578-4136-44AD-A597-0CDCEC9E8268}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{BF9B6FCF-78FC-4355-A0F3-12888492CA69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{74C8E86A-C853-4BB6-8AD2-C697BBF9E15C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{515989F2-FA00-470B-8C29-8EAA4F4684C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{4393F8F0-37D6-41A8-A2FF-AA3EB4409DAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2015\F1_2015.exe
FirewallRules: [{3F949E02-5589-4AAC-85A8-5E437C33138E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2015\F1_2015.exe
FirewallRules: [{673CAE73-6964-4441-8626-48AF10F6D161}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GRID Autosport\GRIDAutosport.exe
FirewallRules: [{FDCEAC74-C4A8-427E-B3D5-3A597D3A4669}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GRID Autosport\GRIDAutosport.exe
FirewallRules: [{BC3BC41C-9940-4834-8A50-776BDF7AFD4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{9BAD6A60-9F8E-417E-9515-B1693B7183CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{371F1E2D-F302-4279-AD8F-E90EC86AB42D}] => (Allow) %systemroot%\system32\alg.exe

==================== Restore Points =========================

05-11-2018 14:07:18 Windows Update
09-11-2018 03:30:16 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (11/07/2018 04:43:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: netsh.exe, verze: 6.3.9600.17415, časové razítko: 0x54504281
Název chybujícího modulu: KERNELBASE.dll, verze: 6.3.9600.19153, časové razítko: 0x5b93ffa7
Kód výjimky: 0xc0000142
Posun chyby: 0x00000000000ecf30
ID chybujícího procesu: 0xf2c
Čas spuštění chybující aplikace: 0x01d476b0975afcad
Cesta k chybující aplikaci: C:\windows\system32\netsh.exe
Cesta k chybujícímu modulu: KERNELBASE.dll
ID zprávy: da51be3a-e2a3-11e8-8300-38b1db5e6223
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/02/2018 02:19:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.22013 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1d40

Čas spuštění: 01d472adf25d26aa

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: e73c1965-dea1-11e8-82f5-28d244e03fc1

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1

Error: (11/02/2018 10:25:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HONZA)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (11/01/2018 04:18:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: eurotrucks2.exe, verze: 1.32.3.13, časové razítko: 0x5bbe4207
Název chybujícího modulu: eurotrucks2.exe, verze: 1.32.3.13, časové razítko: 0x5bbe4207
Kód výjimky: 0xc000041d
Posun chyby: 0x0000000000111eb3
ID chybujícího procesu: 0x1b60
Čas spuštění chybující aplikace: 0x01d471ee8a238e65
Cesta k chybující aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
ID zprávy: 5a003f01-dde9-11e8-82f5-28d244e03fc1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/01/2018 04:18:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: eurotrucks2.exe, verze: 1.32.3.13, časové razítko: 0x5bbe4207
Název chybujícího modulu: eurotrucks2.exe, verze: 1.32.3.13, časové razítko: 0x5bbe4207
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000111eb3
ID chybujícího procesu: 0x1b60
Čas spuštění chybující aplikace: 0x01d471ee8a238e65
Cesta k chybující aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
ID zprávy: 5834fba6-dde9-11e8-82f5-28d244e03fc1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/01/2018 02:14:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: eurotrucks2.exe, verze: 1.32.3.13, časové razítko: 0x5bbe4207
Název chybujícího modulu: eurotrucks2.exe, verze: 1.32.3.13, časové razítko: 0x5bbe4207
Kód výjimky: 0xc000041d
Posun chyby: 0x0000000000111eb3
ID chybujícího procesu: 0x15a4
Čas spuštění chybující aplikace: 0x01d471e2c336e0d8
Cesta k chybující aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
ID zprávy: 1ce4d1e4-ddd8-11e8-82f5-28d244e03fc1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/01/2018 02:14:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: eurotrucks2.exe, verze: 1.32.3.13, časové razítko: 0x5bbe4207
Název chybujícího modulu: eurotrucks2.exe, verze: 1.32.3.13, časové razítko: 0x5bbe4207
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000111eb3
ID chybujícího procesu: 0x15a4
Čas spuštění chybující aplikace: 0x01d471e2c336e0d8
Cesta k chybující aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
ID zprávy: 19b0ab07-ddd8-11e8-82f5-28d244e03fc1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/30/2018 02:01:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: eurotrucks2.exe, verze: 1.32.3.13, časové razítko: 0x5bbe4207
Název chybujícího modulu: KERNELBASE.dll, verze: 6.3.9600.18938, časové razítko: 0x5a7ddf0a
Kód výjimky: 0xc0000025
Posun chyby: 0x0000000000008eac
ID chybujícího procesu: 0x80c
Čas spuštění chybující aplikace: 0x01d47044fa87585b
Cesta k chybující aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
Cesta k chybujícímu modulu: C:\windows\system32\KERNELBASE.dll
ID zprávy: f8a35f1b-dc43-11e8-82f5-28d244e03fc1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

System errors:
=============
Error: (11/09/2018 04:17:39 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: Službě ICS_IPV6 se nepodařilo nakonfigurovat zásobník IPv6.

Error: (11/09/2018 12:29:00 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: Službě ICS_IPV6 se nepodařilo nakonfigurovat zásobník IPv6.

Error: (11/09/2018 12:09:09 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: Službě ICS_IPV6 se nepodařilo nakonfigurovat zásobník IPv6.

Error: (11/09/2018 12:02:02 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: Službě ICS_IPV6 se nepodařilo nakonfigurovat zásobník IPv6.

Error: (11/09/2018 11:08:48 AM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: Službě ICS_IPV6 se nepodařilo nakonfigurovat zásobník IPv6.

Error: (11/09/2018 11:01:41 AM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: Službě ICS_IPV6 se nepodařilo nakonfigurovat zásobník IPv6.

Error: (11/09/2018 10:08:27 AM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: Službě ICS_IPV6 se nepodařilo nakonfigurovat zásobník IPv6.

Error: (11/09/2018 10:01:20 AM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: Službě ICS_IPV6 se nepodařilo nakonfigurovat zásobník IPv6.

==================== Memory info ===========================

Processor: AMD FX-7500 Radeon R7, 10 Compute Cores 4C+6G
Percentage of memory in use: 41%
Total physical RAM: 11194.61 MB
Available physical RAM: 6503.33 MB
Total Virtual: 11898.61 MB
Available Virtual: 6462.57 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:423.56 GB) (Free:59.2 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.16 GB) NTFS

\\?\Volume{86e167c3-99d9-4fc1-9316-a1947cf4a941}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.66 GB) NTFS
\\?\Volume{6d0486f5-e6c1-4e43-90f5-a74302ed494a}\ () (Fixed) (Total:0.78 GB) (Free:0.34 GB) NTFS
\\?\Volume{9eda61af-7b2f-4af0-89ed-6549ec6bcf63}\ (PBR_DRV) (Fixed) (Total:14.09 GB) (Free:2.15 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 16782464)

Partition: GPT.

==================== End of Addition.txt ============================

#2 Příspěvek od **Conder** » 10 lis 2018 01:40

Ahoj

V PC su nejake zbytky po IObit programoch (napr. Driver Booster, Advanced SystemCare, Uninstaller, atd) - neodporucame ich vobec pouzivat, su to cinske smejdy, ktore mozu poskodit system.

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

Uloz na plochu a ukonci vsetky programy
Spusti AdwCleaner ako spravca
Odsuhlas licencne podmienky
Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
Nechaj zaskrtnute vsetky nalezy
Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
Otvori sa log, jeho obsah sem skopiruj

honzahelios · #3 Příspěvek od **honzahelios** » 10 lis 2018 15:59

Diky za tvuj cas. Tady to je.

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-09-21.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-10-2018
# Duration: 00:00:08
# OS: Windows 8.1
# Cleaned: 102
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Pokki
Deleted C:\Users\Public\Pokki
Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\Program Files (x86)\IObit\Advanced SystemCare
Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Users\Honza\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\Honza\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Program Files (x86)\Ask.com
Deleted C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion

***** [ Files ] *****

Deleted C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\9a5gdns3.default\searchplugins\securesearch.xml

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Classes\pokki
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM1
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM0
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Advanced SystemCare 11
Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
Deleted HKLM\Software\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
Deleted HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted HKLM\Software\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\services\AdvancedSystemCareService11
Deleted HKCU\Software\Ask.com
Deleted HKCU\Software\AppDataLow\Software\AskToolbar
Deleted HKU\S-1-5-18\Software\AskToolbar
Deleted HKU\.DEFAULT\Software\AskToolbar
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\AppDataLow\AskToolbarInfo
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966d4C29D35B1C9
Deleted HKLM\Software\Classes\Installer\UpgradeCodes\F928123A039649549966d4C29D35B1C9
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Deleted HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Deleted HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Deleted HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP
Deleted HKLM\Software\Wow6432Node\CLASSES\APPID\VISUALDISCOVERY.EXE
Deleted HKLM\SOFTWARE\CLASSES\APPID\VISUALDISCOVERY.EXE
Deleted HKLM\Software\Wow6432Node\Classes\AppID\GenericAskToolbar.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
Deleted HKLM\Software\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
Deleted HKLM\Software\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
Deleted HKLM\Software\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
Deleted HKLM\Software\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
Deleted HKLM\Software\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
Deleted HKLM\Software\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
Deleted HKLM\Software\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
Deleted HKLM\Software\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
Deleted HKLM\Software\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Deleted HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKLM\Software\Wow6432Node\OverLook
Deleted HKLM\Software\Wow6432Node\VisualDiscovery
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Deleted HKLM\Software\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Deleted HKLM\Software\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Deleted HKLM\Software\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}

***** [ Chromium (and derivatives) ] *****

Deleted Bitmotion - New Tab

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Deleted http://securedsearch.lavasoft.com/?pr=v ... 44__181017

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [12371 octets] - [10/11/2018 15:51:55]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

honzahelios · #4 Příspěvek od **honzahelios** » 10 lis 2018 17:12

Rovnou prikladam nove logy z FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.11.2018
Ran by Honza (administrator) on HONZA (10-11-2018 17:07:36)
Running from C:\Users\Honza\Downloads
Loaded Profiles: Honza (Available Profiles: Honza)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2808560 2014-06-24] (Synaptics Incorporated)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [216064 2014-01-06] (Realtek Semiconductor Corporation)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-09-16] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10842096 2014-09-16] (Lenovo(beijing) Limited)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmds.exe [177928 2018-11-05] (ESET)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [704424 2017-03-10] (Autodesk, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-06-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SafeQClient] => C:\Program Files (x86)\SafeQ\SafeQ_cli.exe [493568 2015-12-10] (VŠB-TU Ostrava)
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Honza\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Run: [Discord] => C:\Users\Honza\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Run: [ECigStats] => C:\Users\Honza\AppData\Roaming\ECigStats\ECigStats\ECigStats.exe [186504 2018-08-14] (Evolv LLC)
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Run: [Unified Remote V3] => "C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Run: [World of Tanks] => "C:\Games\World_of_Tanks2\WargamingGameUpdater.exe"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [568904 2016-12-02] (ZONER software)
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Run: [World of Tanks (1)] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net)
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Run: [World of Tanks (2)] => C:\Games\World_of_Tanks_CT\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net)
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Run: [Gaijin.Net Agent] => C:\Users\Honza\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2128968 2018-06-14] (Gaijin Entertainment)
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Run: [EpicGamesLauncher] => C:\Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32931728 2018-07-11] (Epic Games, Inc.)
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [7391816 2018-10-25] (GOG.com)
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Policies\Explorer: []
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2018-06-04]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2018-03-30]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Honza\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook)
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wifi.bat.lnk [2018-11-06]
ShortcutTarget: wifi.bat.lnk -> C:\Users\Honza\Desktop\wifi.bat ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 193.85.1.100 193.85.2.100 8.8.8.8 192.168.25.1
Tcpip\..\Interfaces\{132CB79F-EEF1-4C2E-9DD4-0107EB87815D}: [DhcpNameServer] 158.196.0.53 158.196.99.166
Tcpip\..\Interfaces\{845EC30C-296E-4BF0-A0F6-53BAEEA9E98F}: [DhcpNameServer] 193.85.1.100 193.85.2.100 8.8.8.8 192.168.25.1
Tcpip\..\Interfaces\{9BDAC3B3-23C4-462A-BB08-86CC464EEF52}: [DhcpNameServer] 10.13.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2184128150-3763628530-3428707980-1002 -> DefaultScope {0F2B12EB-5226-4078-874C-AD603E3D4B25} URL =
SearchScopes: HKU\S-1-5-21-2184128150-3763628530-3428707980-1002 -> {0F2B12EB-5226-4078-874C-AD603E3D4B25} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-02-15] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-09-12] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 9a5gdns3.default
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\9a5gdns3.default [2018-11-10]
FF Homepage: Mozilla\Firefox\Profiles\9a5gdns3.default -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\9a5gdns3.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10444__181017
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\9a5gdns3.default\Extensions\cs@dictionaries.addons.mozilla.org [2017-02-18] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\9a5gdns3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-09-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-06] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-06] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-08-02] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2184128150-3763628530-3428707980-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Honza\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: Default -> chrome://apps/
CHR StartupUrls: Default -> "hxxp://fb.com/"
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Adaware Secure
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default [2018-11-10]
CHR Extension: (ProxFlow) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2018-09-14]
CHR Extension: (Dokumenty) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Disk Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-17]
CHR Extension: (YouTube) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-17]
CHR Extension: (Adblock Plus) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-11-02]
CHR Extension: (Adblock na Youtube™) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2018-09-27]
CHR Extension: (Black Theme - New Tab Page) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\cniaphkhbnolgdhijjmigdfeojkjenhk [2017-12-19]
CHR Extension: (Spotify - Music for every moment) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2017-11-17]
CHR Extension: (Tampermonkey) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-09-01]
CHR Extension: (Adobe Acrobat) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-09-01]
CHR Extension: (YouTube Dark Theme) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\icgoeaddhagkbjnnigiblfebijeinfme [2018-11-03]
CHR Extension: (The West - tw-db.info Cloth Calc [cz]) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\modoaojfncmlbbnfgmbjeklfkhjnhdob [2017-07-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Fullscreen Anything) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\olcfgpmjldkkjdclidhcbonieibfhhdh [2018-09-17]
CHR Extension: (The West - tw-db.info Cloth Calc [eng]) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfokggpnenjibdcfibokbhkbcheeloff [2017-10-26]
CHR Extension: (Gmail) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-17]
CHR Extension: (Chrome Media Router) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-17]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1309176 2017-03-10] (Autodesk Inc.)
S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-06-25] (Advanced Micro Devices, Inc.) [File not signed]
S4 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2017-04-24] (Advanced Micro Devices) [File not signed]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [84992 2014-01-22] () [File not signed]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2018-09-20] (EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2302152 2018-11-05] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2302152 2018-11-05] (ESET)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [706120 2018-10-25] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7112264 2018-10-02] (GOG.com)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
S2 KMSServerService; C:\windows\KMSServerService\KMS Server Service.exe [236032 2017-11-14] (My Digital Life Forums) [File not signed]
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
S4 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-16] (Lenovo(beijing) Limited)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6440736 2018-03-03] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S4 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [32384 2016-10-03] (The OpenVPN Project)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [743616 2015-12-02] (@ByELDI) [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [190704 2014-06-24] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\windows\system32\drivers\amdacpksd.sys [305544 2018-02-17] (Advanced Micro Devices)
S0 amdkmafd; C:\windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [88984 2018-02-17] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-12] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\windows\system32\drivers\AtihdWB6.sys [118848 2016-08-09] (Advanced Micro Devices)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-01-09] (Bluestack System Inc. )
S3 cpuz143; C:\windows\temp\cpuz143\cpuz143_x64.sys [48960 2018-02-17] (CPUID)
S3 DESerialPort; C:\windows\system32\DRIVERS\DimensionSerialPort.sys [24576 2016-11-12] ()
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\windows\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\windows\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
R1 eamonm; C:\windows\System32\DRIVERS\eamonm.sys [143448 2018-11-05] (ESET)
S3 EasyAntiCheatSys; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys [863944 2018-07-14] (EasyAntiCheat Oy)
R0 edevmon; C:\windows\System32\DRIVERS\edevmon.sys [107896 2018-11-05] (ESET)
S0 eelam; C:\windows\System32\DRIVERS\eelam.sys [15872 2018-02-19] (ESET)
R1 ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [188832 2018-11-05] (ESET)
R1 epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [109864 2018-11-05] (ESET)
R3 frzway; C:\windows\system32\DRIVERS\frzway.sys [34552 2017-03-17] (The OpenVPN Project)
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-02-17] (REALiX(tm))
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S3 npf; C:\windows\System32\drivers\npf.sys [40464 2009-02-08] (CACE Technologies)
R3 RtkBtFilter; C:\windows\system32\DRIVERS\RtkBtfilter.sys [710656 2018-02-17] (Realtek Semiconductor Corporation)
R3 RTSUER; C:\windows\system32\Drivers\RtsUer.sys [420832 2018-02-17] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [3127552 2018-02-17] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\windows\system32\DRIVERS\rtwlane.sys [7682928 2018-02-17] (Realtek Semiconductor Corporation )
R3 taphss6; C:\windows\system32\DRIVERS\taphss6.sys [42064 2017-03-21] (Anchorfree Inc.)
S3 uvhid; C:\windows\System32\drivers\uvhid.sys [28128 2017-12-13] (Windows (R) Win 7 DDK provider)
S1 VBoxNetAdp; C:\windows\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-04-28] (Oracle Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
R1 ZAM; C:\windows\System32\drivers\zam64.sys [203680 2018-01-08] (Zemana Ltd.)
R1 ZAM_Guard; C:\windows\System32\drivers\zamguard64.sys [203680 2018-01-08] (Zemana Ltd.)
S2 APXACC; \SystemRoot\system32\DRIVERS\appexDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-10 17:07 - 2018-11-10 17:07 - 000000000 ____D C:\Users\Honza\Downloads\FRST-OlderVersion
2018-11-10 15:50 - 2018-11-10 15:52 - 000000000 ____D C:\AdwCleaner
2018-11-10 15:21 - 2018-11-10 15:26 - 007592144 _____ (Malwarebytes) C:\Users\Honza\Desktop\adwcleaner_7.2.4.0.exe
2018-11-09 20:13 - 2018-11-09 20:15 - 000078452 _____ C:\Users\Honza\Downloads\Addition.txt
2018-11-09 20:10 - 2018-11-10 17:08 - 000023116 _____ C:\Users\Honza\Downloads\FRST.txt
2018-11-09 20:09 - 2018-11-10 17:07 - 002415616 _____ (Farbar) C:\Users\Honza\Downloads\FRST64.exe
2018-11-09 20:09 - 2018-11-10 17:07 - 000000000 ____D C:\FRST
2018-11-08 22:20 - 2018-11-08 22:20 - 000197189 _____ C:\Users\Honza\Downloads\Volvo_FH16_1500HP_Engine_by_Darken-B.rar
2018-11-05 16:44 - 2018-11-05 17:02 - 000000146 _____ C:\Users\Honza\Desktop\wifi.bat
2018-11-05 12:01 - 2018-11-05 12:01 - 003243266 _____ C:\Users\Honza\Downloads\TL-WR841N-V10-stripped.zip
2018-11-04 22:29 - 2018-11-10 15:54 - 000000842 _____ C:\windows\system32\Drivers\etc\hosts.ics
2018-11-04 16:54 - 2018-11-04 16:54 - 000353316 _____ C:\Users\Honza\Downloads\Sitovy_rozbor_kameniva.pdf
2018-11-03 18:43 - 2018-11-03 18:43 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-11-03 18:43 - 2018-11-03 18:43 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies
2018-11-03 18:21 - 2018-11-03 18:21 - 000000222 _____ C:\Users\Honza\Desktop\Rocket League.url
2018-11-03 17:14 - 2018-11-03 17:14 - 000000222 _____ C:\Users\Honza\Desktop\GRID Autosport.url
2018-11-02 21:04 - 2018-11-02 21:04 - 000000000 ____D C:\Program Files (x86)\Destiny 2
2018-11-02 14:24 - 2018-11-02 14:24 - 000000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller
2018-11-02 14:24 - 2018-11-02 14:24 - 000000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdate
2018-11-02 09:32 - 2018-11-02 09:32 - 000466456 _____ (Creative Labs) C:\windows\system32\wrap_oal.dll
2018-11-02 09:32 - 2018-11-02 09:32 - 000444952 _____ (Creative Labs) C:\windows\SysWOW64\wrap_oal.dll
2018-11-02 09:32 - 2018-11-02 09:32 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\windows\system32\OpenAL32.dll
2018-11-02 09:32 - 2018-11-02 09:32 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\windows\SysWOW64\OpenAL32.dll
2018-11-02 09:32 - 2018-11-02 09:32 - 000000000 ____D C:\Program Files (x86)\OpenAL
2018-11-02 09:31 - 2018-11-03 20:06 - 000000000 ____D C:\Users\Honza\AppData\Roaming\SpinTires
2018-11-02 08:52 - 2018-11-02 08:52 - 000000222 _____ C:\Users\Honza\Desktop\F1 2015.url
2018-11-02 08:51 - 2018-11-02 08:51 - 000000222 _____ C:\Users\Honza\Desktop\Spintires.url
2018-11-02 00:33 - 2018-11-02 00:33 - 000000222 _____ C:\Users\Honza\Desktop\DiRT 3 Complete Edition.url
2018-10-31 22:36 - 2018-11-01 14:14 - 000000000 ____D C:\Users\Honza\Documents\ETS2MP
2018-10-31 19:38 - 2018-10-31 19:38 - 000667351 _____ C:\Users\Honza\Downloads\launcher_1004.zip
2018-10-30 11:18 - 2018-10-30 11:18 - 000000000 ____D C:\Program Files\XING
2018-10-30 11:18 - 2018-10-30 11:18 - 000000000 ____D C:\Program Files (x86)\XING
2018-10-29 18:09 - 2018-11-02 09:54 - 000000000 ____D C:\ProgramData\Codemasters
2018-10-29 17:18 - 2018-10-29 17:18 - 000000222 _____ C:\Users\Honza\Desktop\DiRT Rally.url
2018-10-27 18:07 - 2018-10-27 18:07 - 000006322 _____ C:\Users\Honza\Desktop\HEL0075.xlsx
2018-10-24 09:36 - 2018-10-24 09:36 - 000016229 _____ C:\Users\Honza\Downloads\stipendia.pdf
2018-10-22 15:02 - 2018-10-22 15:04 - 000000000 ____D C:\Users\Honza\AppData\Roaming\SCP Secret Laboratory
2018-10-22 15:02 - 2018-10-22 15:02 - 000000000 ____D C:\Users\Honza\AppData\LocalLow\Hubert Moszka
2018-10-21 10:33 - 2018-10-21 10:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossout
2018-10-20 21:24 - 2018-10-20 21:37 - 000009211 _____ C:\Users\Honza\Desktop\set.xlsx
2018-10-20 15:27 - 2018-10-20 15:27 - 000039588 _____ C:\Users\Honza\Downloads\Funkce-HEL0075.xlsx
2018-10-18 13:03 - 2018-10-18 13:03 - 000000000 ____D C:\Users\Honza\AppData\Local\The Witcher
2018-10-18 12:55 - 2018-10-18 12:55 - 000000000 ____D C:\Users\Honza\Documents\The Witcher
2018-10-18 12:55 - 2018-10-18 12:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher Enhanced Edition [GOG.com]
2018-10-18 12:54 - 2018-10-18 12:55 - 000001613 _____ C:\Users\Public\Desktop\The Witcher Enhanced Edition Director's Cut.lnk
2018-10-18 12:54 - 2018-10-18 12:55 - 000000000 ____D C:\Users\Public\Documents\The Witcher
2018-10-18 12:31 - 2018-10-18 12:31 - 000001068 _____ C:\Users\Public\Desktop\GOG Galaxy.lnk
2018-10-18 12:31 - 2018-10-18 12:31 - 000000000 ____D C:\Users\Honza\AppData\Local\GOG.com
2018-10-18 12:31 - 2018-10-18 12:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2018-10-18 12:30 - 2018-10-25 08:18 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2018-10-18 12:30 - 2018-10-18 12:30 - 000000000 ____D C:\ProgramData\GOG.com
2018-10-17 20:42 - 2018-10-18 08:57 - 000000000 ____D C:\Users\Honza\AppData\LocalLow\Heroes and Generals
2018-10-17 20:42 - 2018-10-17 20:42 - 000000000 ____D C:\Users\Honza\AppData\Roaming\HeroesAndGeneralsDesktop
2018-10-17 19:56 - 2018-11-10 15:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2018-10-17 19:55 - 2018-10-17 19:55 - 000000000 ____D C:\Users\Honza\AppData\Roaming\Lavasoft
2018-10-17 19:55 - 2018-10-17 19:55 - 000000000 ____D C:\Users\Honza\AppData\Local\Lavasoft
2018-10-17 19:55 - 2018-10-17 19:55 - 000000000 ____D C:\ProgramData\Lavasoft
2018-10-17 19:55 - 2018-10-17 19:55 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2018-10-17 15:38 - 2018-10-17 15:38 - 128392363 _____ C:\Users\Honza\Downloads\drive-download-20181017T143817Z-001.zip
2018-10-17 15:36 - 2018-10-17 15:36 - 118876921 _____ C:\Users\Honza\Downloads\drive-download-20181017T143602Z-001.zip
2018-10-16 17:21 - 2018-10-16 17:21 - 000001089 _____ C:\Users\Honza\Desktop\Výukový program deskriptivní geometrie.lnk
2018-10-16 17:21 - 2018-10-16 17:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Výukový program deskriptivní geometrie
2018-10-16 17:21 - 2018-10-16 17:21 - 000000000 ____D C:\Program Files (x86)\Výukový program deskriptivní geometrie
2018-10-15 10:29 - 2018-10-15 10:29 - 000000219 _____ C:\Users\Honza\Desktop\Left 4 Dead 2.url
2018-10-11 17:03 - 2018-10-11 17:51 - 000000600 _____ C:\Users\Honza\AppData\Local\PUTTY.RND
2018-10-11 16:57 - 2018-10-11 16:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)
2018-10-11 16:57 - 2018-10-11 16:57 - 000000000 ____D C:\Program Files\PuTTY
2018-10-11 16:24 - 2018-10-11 22:08 - 000000600 _____ C:\Users\Honza\AppData\Roaming\winscp.rnd
2018-10-11 16:03 - 2018-11-05 12:14 - 000000000 ____D C:\Users\Honza\Documents\Arouter
2018-10-11 13:19 - 2018-10-11 13:19 - 000043872 _____ (Connectify) C:\windows\system32\Drivers\cnnctfy3.sys
2018-10-11 13:19 - 2018-10-11 13:19 - 000036736 _____ (Connectify) C:\windows\system32\Drivers\cfywlan1.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-10 17:07 - 2018-01-08 18:46 - 000077526 _____ C:\windows\ZAM.krnl.trace
2018-11-10 17:07 - 2018-01-08 18:46 - 000048779 _____ C:\windows\ZAM_Guard.krnl.trace
2018-11-10 16:00 - 2014-09-16 03:42 - 000734510 _____ C:\windows\system32\perfh005.dat
2018-11-10 16:00 - 2014-09-16 03:42 - 000148820 _____ C:\windows\system32\perfc005.dat
2018-11-10 16:00 - 2014-03-18 10:53 - 001739092 _____ C:\windows\system32\PerfStringBackup.INI
2018-11-10 16:00 - 2013-08-22 14:36 - 000000000 ____D C:\windows\Inf
2018-11-10 15:59 - 2016-10-27 20:39 - 000003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2184128150-3763628530-3428707980-1002
2018-11-10 15:55 - 2016-10-27 20:36 - 000000000 __RDO C:\Users\Honza\OneDrive
2018-11-10 15:53 - 2013-08-22 15:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-11-10 15:52 - 2018-02-14 14:37 - 000000000 ____D C:\ProgramData\IObit
2018-11-10 15:52 - 2018-02-14 14:36 - 000000000 ____D C:\Users\Honza\AppData\Roaming\IObit
2018-11-10 15:52 - 2018-02-14 14:36 - 000000000 ____D C:\Users\Honza\AppData\LocalLow\IObit
2018-11-10 15:52 - 2018-02-14 14:36 - 000000000 ____D C:\Program Files (x86)\IObit
2018-11-10 15:52 - 2014-09-16 03:35 - 000065536 _____ C:\windows\system32\spu_storage.bin
2018-11-10 15:52 - 2013-08-22 14:25 - 000262144 ___SH C:\windows\system32\config\BBI
2018-11-10 15:21 - 2016-10-27 20:39 - 000003958 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{49DE0708-712F-4003-B15C-6CC13528C5BD}
2018-11-10 15:20 - 2016-11-20 12:37 - 000000000 ____D C:\Users\Honza\AppData\LocalLow\Mozilla
2018-11-09 21:41 - 2016-11-03 16:45 - 000000000 ____D C:\Program Files (x86)\Steam
2018-11-09 12:29 - 2016-10-27 20:28 - 000000000 ____D C:\Users\Honza
2018-11-08 22:32 - 2017-07-03 13:56 - 000000000 ____D C:\Users\Honza\Documents\Euro Truck Simulator 2
2018-11-07 16:43 - 2016-11-22 21:51 - 000000000 ____D C:\Users\Honza\AppData\Local\CrashDumps
2018-11-07 16:40 - 2016-12-06 21:38 - 000000000 ____D C:\windows\Minidump
2018-11-07 16:40 - 2016-10-28 05:23 - 000146620 ____N C:\windows\Minidump\110718-41890-01.dmp
2018-11-07 16:36 - 2017-12-21 16:32 - 000004128 _____ C:\windows\System32\Tasks\CCleaner Update
2018-11-07 16:31 - 2016-10-28 05:23 - 000143036 ____N C:\windows\Minidump\110718-39156-01.dmp
2018-11-07 15:12 - 2016-11-22 16:10 - 003042816 ___SH C:\Users\Honza\Downloads\Thumbs.db
2018-11-06 22:33 - 2013-08-22 16:36 - 000000000 ____D C:\windows\AppReadiness
2018-11-05 16:50 - 2018-07-12 13:22 - 000109864 _____ (ESET) C:\windows\system32\Drivers\epfwwfp.sys
2018-11-05 16:50 - 2016-10-13 15:39 - 000188832 _____ (ESET) C:\windows\system32\Drivers\ehdrv.sys
2018-11-05 16:49 - 2018-07-12 13:22 - 000107896 _____ (ESET) C:\windows\system32\Drivers\edevmon.sys
2018-11-05 16:49 - 2016-10-13 15:39 - 000143448 _____ (ESET) C:\windows\system32\Drivers\eamonm.sys
2018-11-05 15:57 - 2016-10-28 05:23 - 000146108 ____N C:\windows\Minidump\110518-35375-01.dmp
2018-11-05 12:37 - 2016-10-28 05:23 - 000142524 ____N C:\windows\Minidump\110518-36593-01.dmp
2018-11-05 12:20 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\NDF
2018-11-05 09:56 - 2016-10-28 05:23 - 000143092 ____N C:\windows\Minidump\110518-35312-01.dmp
2018-11-04 08:21 - 2016-11-27 17:30 - 000120320 ___SH C:\Users\Honza\Desktop\Thumbs.db
2018-11-03 18:43 - 2016-11-29 19:30 - 000000000 ____D C:\Users\Honza\Documents\My Games
2018-11-03 18:21 - 2016-11-03 16:58 - 000000000 ____D C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-11-02 20:56 - 2018-01-12 14:48 - 000000000 ____D C:\Users\Honza\AppData\Local\Battle.net
2018-11-02 20:28 - 2016-12-10 14:30 - 000000000 ____D C:\Users\Honza\Documents\EA Games
2018-11-02 20:26 - 2018-01-12 14:45 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-11-02 20:24 - 2018-01-12 14:48 - 000000000 ____D C:\Users\Honza\AppData\Roaming\Battle.net
2018-11-02 14:26 - 2016-10-27 20:32 - 000000000 ____D C:\Users\Honza\AppData\Local\Packages
2018-11-02 14:26 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-02 14:24 - 2018-03-17 13:53 - 000000000 ____D C:\ProgramData\Samsung
2018-11-02 09:53 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-10-31 19:39 - 2017-07-23 20:21 - 000000000 ____D C:\ProgramData\TruckersMP
2018-10-31 19:38 - 2017-07-17 18:14 - 000000812 _____ C:\Users\Public\Desktop\TruckersMP.lnk
2018-10-31 19:38 - 2017-07-17 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP Launcher
2018-10-30 17:43 - 2016-12-13 21:14 - 000000000 ____D C:\Users\Honza\AppData\Local\Ubisoft Game Launcher
2018-10-30 12:32 - 2017-12-22 08:17 - 000000000 ____D C:\Users\Honza\Documents\ProfileCache
2018-10-30 12:31 - 2017-12-22 08:17 - 000000000 ____D C:\Users\Honza\Documents\The Crew
2018-10-30 11:18 - 2014-09-16 03:44 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-10-25 08:25 - 2017-06-17 13:50 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-24 00:29 - 2016-10-30 11:22 - 000000000 ____D C:\Users\Honza\AppData\Roaming\TS3Client
2018-10-22 15:09 - 2017-03-12 18:58 - 000000000 ____D C:\Users\Honza\AppData\LocalLow\Unity
2018-10-21 10:30 - 2016-10-27 20:39 - 000000000 __SHD C:\Users\Honza\AppData\LocalLow\EmieUserList
2018-10-21 10:30 - 2016-10-27 20:39 - 000000000 __SHD C:\Users\Honza\AppData\LocalLow\EmieSiteList
2018-10-20 15:04 - 2017-11-02 17:19 - 000000000 ____D C:\Users\Honza\AppData\Local\Microsoft Help
2018-10-19 07:58 - 2017-12-23 20:16 - 000627456 _____ C:\windows\system32\FNTCACHE.DAT
2018-10-17 19:50 - 2017-06-30 14:31 - 000000000 ____D C:\Users\Honza\AppData\Roaming\uTorrent
2018-10-13 12:24 - 2013-08-22 16:36 - 000000000 ____D C:\windows\rescache
2018-10-11 13:50 - 2018-03-19 15:41 - 004063744 _____ C:\Users\Honza\Desktop\TL-WR841Nv14_EU_0.9.1_4.16_up_boot[180319-rel57291].bin

==================== Files in the root of some directories =======

2017-09-28 15:12 - 2018-08-01 17:44 - 000000005 _____ () C:\Users\Honza\AppData\Roaming\.nfe_lock
2018-10-11 16:24 - 2018-10-11 22:08 - 000000600 _____ () C:\Users\Honza\AppData\Roaming\winscp.rnd
2016-10-27 20:32 - 2018-11-10 15:17 - 000603329 _____ () C:\Users\Honza\AppData\Local\BTServer.log
2018-10-11 17:03 - 2018-10-11 17:51 - 000000600 _____ () C:\Users\Honza\AppData\Local\PUTTY.RND
2018-07-19 14:44 - 2018-07-19 14:44 - 000007668 _____ () C:\Users\Honza\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-05 14:06

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.11.2018
Ran by Honza (10-11-2018 17:09:44)
Running from C:\Users\Honza\Downloads
Windows 8.1 (Update) (X64) (2016-10-27 19:31:39)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2184128150-3763628530-3428707980-500 - Administrator - Disabled)
Guest (S-1-5-21-2184128150-3763628530-3428707980-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2184128150-3763628530-3428707980-1004 - Limited - Enabled)
Honza (S-1-5-21-2184128150-3763628530-3428707980-1002 - Administrator - Enabled) => C:\Users\Honza

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
ACA & MEP 2018 Object Enabler (HKLM\...\{28B89EEF-1004-0000-5102-CF3F3A09B77D}) (Version: 8.0.40.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-1001-0000-3102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
ACP Application (HKLM\...\{CAB783C3-6215-337D-AD99-F52274EFC2CC}) (Version: 2017.0424.2109.30 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20063 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
AutoCAD 2018 – Čeština (Czech) (HKLM\...\{28B89EEF-1001-0405-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 (HKLM\...\{28B89EEF-1001-0000-0102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 Language Pack – Čeština (Czech) (HKLM\...\{28B89EEF-1001-0405-1102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
Autodesk AutoCAD 2018 – Čeština (Czech) (HKLM\...\AutoCAD 2018 – Čeština (Czech)) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
Autodesk License Service (x64) - 5.1.4 (HKLM\...\{3609A8D9-FC0C-4C9B-9F58-0B1D1A4FE556}) (Version: 5.1.4.0 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
AVS Audio Editor 8.2.1 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 8.2.1.513 - Online Media Technologies Ltd.)
B109n-z (HKLM-x32\...\{D1B10CDC-8295-4DBB-B962-DD94D22131C2}) (Version: 140.0.851.000 - Hewlett-Packard) Hidden
Balíček ovladače systému Windows - Dimension Engineering USB Serial Converter (11/11/2016 1.0.3.21) (HKLM\...\377DE9679F7155ADE94AA4BCBF4CA02472B49707) (Version: 11/11/2016 1.0.3.21 - Dimension Engineering)
Balíček ovladače systému Windows - Dimension Engineering USB Serial Converter (11/12/2015 1.0.3.13) (HKLM\...\32A12E2F88EE40BDBADBB41ECCB8559DEE67F7A3) (Version: 11/12/2015 1.0.3.13 - Dimension Engineering)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Betternet for Windows (HKLM-x32\...\{2E77104D-96E1-4A9C-86F2-C7CF4C703900}) (Version: 3.9.0.0 - Betternet Technologies Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 3.55.70.1783 - BlueStack Systems, Inc.)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{5D77CB92-5713-F59F-F64C-4DD066D6CA99}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{4FE1ABF7-0EE5-FF79-CE50-6BC0C125E147}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{F6C0C5F8-2E59-8920-323C-40823C54F6E2}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{DEC9CFAB-F251-407A-F312-F8DFB0451FF4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{3024527B-D316-44C1-A5D5-E2163E3583D4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{78482405-18F4-0F13-F175-C23C30290DF5}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{F6983003-FDAF-040E-3CF1-CE1D7F74F509}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{1D7C9B51-E055-FC3A-D6DC-22F5153A7D7A}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{A533BAA8-E063-2F06-B990-F6B95FCABE94}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{390FBFCF-76EE-DABA-5053-E296AAEE75C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{13E39920-1A06-7E6C-4285-7DA8C0BF2A93}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{39E755D0-C657-A6FA-F11F-AAA4BF7BF958}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{B8445E38-BAF0-9C1F-0001-C32BDDF74AAF}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{90F1187C-B9C5-2105-CD02-8CBE149CA62A}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{30462FD8-AA9A-42C3-258E-F7F622244CE3}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{BB95E5DA-D642-1E55-1032-9A4CA2E961C3}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{E72E94E1-AE52-3C90-47AA-DFA76292888C}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{BCC1FBF8-AC72-A809-A864-DEEB5C8F765F}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{61AA8151-9134-9A8A-A569-CD676FEDE71F}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{F3E512BC-245B-1334-2EFE-69075A2CDA40}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{3CFB6419-D3E3-959A-6F30-116355075E47}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.50 - Conexant)
Counter-Strike 1.6 (HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Counter-Strike 1.6) (Version: - )
Counter-Strike 1.6 v43g (HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Counter-Strike 1.6_is1) (Version: - Valve)
CPUID HWMonitor 1.31 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Crossout Launcher 1.0.3.65 (HKLM-x32\...\CrossOutLauncher_is1) (Version: - )
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Discord (HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Discord) (Version: 0.0.301 - Discord Inc.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
ECigStats (HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\ECigStats) (Version: - Evolv)
EDITOR PACK for GTA IV (HKLM-x32\...\EDITOR PACK for GTA IV) (Version: - )
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.17 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.17 - Lenovo)
Epic Games Launcher (HKLM-x32\...\{B2FF9400-A012-44F7-99CE-37C216A6CD70}) (Version: 1.1.131.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EScribe Suite (HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\EScribe) (Version: - Evolv)
ESET Security (HKLM\...\{C26AA376-9D1B-4B7B-A1F0-DC41E8530176}) (Version: 11.2.49.0 - ESET, spol. s r.o.)
Facebook Gameroom 1.20.6618.42311 (HKLM-x32\...\{CF2C7CB9-1009-4EAA-9033-317F4C4C9DA2}) (Version: 1.20.6618.42311 - Facebook)
GeoGebra Classic (HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\GeoGebra_6) (Version: 6.0.498 - International GeoGebra Institute)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.77 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Grand Theft Auto IV version 1.0.7.0 (HKLM-x32\...\Grand Theft Auto IV_is1) (Version: 1.0.7.0 - Mr DJ)
Hama Racing Wheel Thunder V5 (HKLM-x32\...\{F1A994FF-DF9B-4937-9DB9-87EC4FF1B31F}) (Version: 1.00.0000 - XC)
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Wireless B109n-z All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{5B8D29B6-988A-4EFB-A577-CFA8968DD7D3}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Malwarebytes verze 3.4.4.2398 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.4.2398 - Malwarebytes)
MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 56.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 56.0 (x86 cs)) (Version: 56.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.0.6478 - Mozilla)
Mozilla Thunderbird 52.3.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 52.3.0 (x86 cs)) (Version: 52.3.0 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nero BurnLite 10 (HKLM-x32\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10600 - Nero AG)
Nero BurnLite 10 (HKLM-x32\...\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}) (Version: 10.0.10500.5.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.306.000 - Hewlett-Packard) Hidden
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{1D464EFF-EC8B-F225-2F74-F74143200DDF}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.3 (HKLM-x32\...\{7308600A-5231-459C-A3E2-A637F842CACA}) (Version: 4.13.9783 - Apache Software Foundation)
OpenVPN 2.3.12-I602 (HKLM-x32\...\OpenVPN) (Version: 2.3.12-I602 - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Overlook Fing (HKLM-x32\...\Overlook Fing 3.0) (Version: 3.0 - Overlook)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.5.154 - Autodesk)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
PS_AIO_06_B109n-z_SW_Min (HKLM-x32\...\{D5673351-2871-4041-8ABE-ACF876303DB0}) (Version: 140.0.863.000 - Hewlett-Packard) Hidden
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
QuickTransfer (HKLM-x32\...\{E517094C-06B6-419F-8FFD-EF4F57972130}) (Version: 140.0.98.000 - Hewlett-Packard) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.805.806.012214 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39058 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.30.0239 - REALTEK Semiconductor Corp.)
SafeQ (HKLM-x32\...\SafeQ) (Version: 0.9 - VŠB-TUO)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SmartPSS 1.16.1 (HKLM-x32\...\SmartPSS) (Version: 1.16.1 - )
SoftPerfect WiFi Guard version 2.0.1 (HKLM\...\{38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1) (Version: 2.0.1 - SoftPerfect)
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Speciální aplikace Autodesk 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Spotify) (Version: 1.0.67.582.g19436fa3 - Spotify AB)
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.76 - Synaptics Incorporated)
TeamSpeak 3 Client (HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft)
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\1207658924_is1) (Version: 2.1.0.15 - GOG.com)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0 release candidate 3 - Ghisler Software GmbH)
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
Unity Web Player (HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Update for Skype for Business 2015 (KB4461446) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BFBBF6D0-F140-40E9-B5AE-BDE708FC4817}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4461446) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{BFBBF6D0-F140-40E9-B5AE-BDE708FC4817}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4461446) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{BFBBF6D0-F140-40E9-B5AE-BDE708FC4817}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4461446) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BFBBF6D0-F140-40E9-B5AE-BDE708FC4817}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 26.1 - Ubisoft)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Výukový program deskriptivní geometrie 2.51 (HKLM-x32\...\Výukový program deskriptivní geometrie_is1) (Version: - Martin Hlaváč, Michal Křen, Krcha.com)
Web Companion (HKLM-x32\...\{f2bbb304-3d2f-4f8f-8797-3d08e213b462}) (Version: 4.3.1934.3766 - Lavasoft)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
winpcap-overlook 4.02 (HKLM-x32\...\winpcap-overlook) (Version: - )
World of Tanks - Common Test (HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812ct}_is1) (Version: - Wargaming.net)
World of Tanks (HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
Wotspeak ModPack 1.0.0 ver.2 version 1.0.0 (HKLM-x32\...\{JustDj-5BB6-48C0-B04A-8985E39DF495}_is1) (Version: 1.0.0 - JustDJ)
XVM verze 7.5.0 (HKLM-x32\...\{2865cd27-6b8b-4413-8272-cd968f316050}_is1) (Version: 7.5.0 - XVM team)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_EN_is1) (Version: 19.1612.2.11 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2184128150-3763628530-3428707980-1002_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2184128150-3763628530-3428707980-1002_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2184128150-3763628530-3428707980-1002_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\cs-CZ\acadficn.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-01-08] ()
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk)
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2014-01-06] (Realtek Semiconductor Corporation)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-11-05] (ESET)
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2015-04-06] (Online Media Technologies Ltd.)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-11-05] (ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
ContextMenuHandlers4: [000LenovoFoldersContextMenu] -> {D2DB7BAA-9E12-4640-825C-B1EB36A3809A} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-06-25] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-01-08] ()
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-11-05] (ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02711BAB-B4A1-4124-B79B-1B813A286BF1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd)
Task: {07E8819E-E6E1-437C-8124-E66C91574ADF} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {12E9410C-9AD6-44E6-BFA3-4312969AFCAC} - System32\Tasks\Driver Booster SkipUAC (Honza) => C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe
Task: {5715A2C3-A3CE-481B-A6A8-8A230E3CDFBE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-17] (Google Inc.)
Task: {58CC5F6C-4684-49A4-9E41-CEB01720982F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6C3689D1-7157-44BA-8315-058118BD3155} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {811BE05B-27B7-4CF0-9CED-851546290E20} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {A1219810-4B2C-4CD3-B73D-B9C8D1C9F267} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {A75B4222-473B-4EA9-91A5-877D141DC88B} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [2018-06-26] (BlueStack Systems, Inc.)
Task: {CF1B340E-5722-45A9-A9CA-20442D27D111} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-17] (Google Inc.)
Task: {D6B46D86-154C-4816-BA66-5557336F272B} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-06] (Adobe Systems Incorporated)
Task: {D86E2CBC-BEF4-4C1F-9D7D-C18CEB56ED27} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {DE010163-A0B0-4EC3-92CA-23353A0523AB} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-12-02] (@ByELDI)
Task: {DE145AF3-609B-4FE1-8CD8-B0E837B23937} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-22] ()
Task: {F0F2B127-04E7-453E-B029-7D1AB793000E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {F17AD1E3-7A62-42D5-B551-7845580E7321} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-10] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wifi.bat.lnk -> C:\Users\Honza\Desktop\wifi.bat ()

==================== Loaded Modules (Whitelisted) ==============

2016-09-28 03:53 - 2016-09-28 03:53 - 000031248 _____ () C:\windows\System32\ssm4mlm.dll
2014-09-16 03:45 - 2014-01-22 22:04 - 000084992 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2014-09-16 03:40 - 2010-10-26 21:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2018-10-25 08:25 - 2018-10-23 22:24 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libglesv2.dll
2018-10-25 08:25 - 2018-10-23 22:24 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Honza:Heroes & Generals [38]
AlternateDataStreams: C:\Users\Public\AppData:CSM [468]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\Software\Classes\.scr: AutoCADScriptFile => C:\windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Honza\Pictures\city.jpg
DNS Servers: 193.85.1.100 - 193.85.2.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdAppMgrSvc => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\Services: amdacpusrsvc => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: FlexNet Licensing Service 64 => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Lenovo System Agent Service => 2
MSCONFIG\Services: LenovoWiFiHotspotSvr => 2
MSCONFIG\Services: MBAMService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: OpenVPNService => 3
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: ZAMSvc => 2
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "Energy Manager"
HKLM\...\StartupApproved\Run: => "OnekeyStudio"
HKLM\...\StartupApproved\Run: => "PhoneCompanion"
HKLM\...\StartupApproved\Run: => "Lenovo Utility"
HKLM\...\StartupApproved\Run: => "BtServer"
HKLM\...\StartupApproved\Run: => "RtsFT"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run: => "StartCN"
HKLM\...\StartupApproved\Run: => "ZAM"
HKLM\...\StartupApproved\Run: => "Connectify Hotspot"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "UpdateP2GShortCut"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "jswtrayutil"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SafeQClient"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\StartupFolder: => "wifi.bat.lnk"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "ECigStats"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "AppEx Accelerator UI"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "appnhost"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_7F5A1536901808934F0FA412D4DB0056"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "Unified Remote V3"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "World of Tanks (1)"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "World of Tanks (2)"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "Gaijin.Net Agent"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\StartupApproved\Run: => "GalaxyClient"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BBD2C209-51E7-4119-A865-769AE11B2B5A}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{9FA1355B-6DBD-4670-92E7-E0F513723925}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{60E95E4B-2DFB-4622-B49C-FCD1B29448DA}] => (Allow) LPort=55100
FirewallRules: [{A8B04957-D14A-4BA5-9B21-31818D7DF7C4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B7E60447-8791-4E0D-9C7D-8EF5ABC4026B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1CEEF794-5A8F-4FCC-ADA5-EF40ADDA9830}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{59A86934-5CFD-4C06-80FE-C6567EEDC40D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DB868EB1-DCDE-40B9-8F07-AF9DB02CAF4B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{32B65EFF-64A2-47ED-A518-1F1FCBE22C99}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{7C82F891-EC3B-4C69-8638-98D13B2B6267}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{296327DF-0870-4EC3-B291-362C5CEAFCD7}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{DEA3B0B6-7528-437A-9FE0-EE50F1070A13}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{2ED3114C-4699-45B8-810D-8DB44A22629E}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{0E6177D9-A4B2-4283-A034-AB3016233915}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{B73F02B3-8681-4C0F-B40C-9BCDF97F4352}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [TCP Query User{2EB906E2-2D98-4D78-BF71-42D65FBE3581}C:\games\cs\hl.exe] => (Block) C:\games\cs\hl.exe
FirewallRules: [UDP Query User{8F089A33-37C6-4A5C-9CF3-BE6BDD386442}C:\games\cs\hl.exe] => (Block) C:\games\cs\hl.exe
FirewallRules: [TCP Query User{6B874971-E65D-4F4F-82D4-0977FD170061}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe
FirewallRules: [UDP Query User{B7AF69FC-ACB8-428A-8582-1038ED940E2F}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe
FirewallRules: [TCP Query User{0F461336-1859-4AD5-A96D-F70DC63EF8FD}C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe
FirewallRules: [UDP Query User{CBDE5726-24A5-4978-86C1-1917219DDAC6}C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe
FirewallRules: [{F4CEFE05-E6C5-43DC-8ACE-24B78E795663}] => (Allow) C:\Games\World_of_Tanks2\WoTLauncher.exe
FirewallRules: [{61204EDB-C020-4BF2-B58A-2C3CC8A9A9C6}] => (Allow) C:\Games\World_of_Tanks2\WoTLauncher.exe
FirewallRules: [{C000C353-65F5-4FAB-9563-FE69F3A24C7F}] => (Allow) C:\Games\World_of_Tanks2\worldoftanks.exe
FirewallRules: [{03FC45FC-19ED-45E2-B05D-679CA2CC13D6}] => (Allow) C:\Games\World_of_Tanks2\worldoftanks.exe
FirewallRules: [TCP Query User{5EC3BFD0-2D26-4F36-B388-1CAE0BD8F519}C:\users\honza\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\honza\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{5E2AE32E-F046-4709-B519-5A7006E84C9A}C:\users\honza\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\honza\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{F78B971F-7773-453A-8160-98FA5A85AE31}] => (Allow) C:\Games\Mr DJ\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{A49674F4-9170-441C-97E5-A68AED39BFFD}] => (Allow) C:\Games\Mr DJ\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{8CF569D7-0182-4F29-9A4D-2EA9647CC8C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{4AAB58EA-74ED-42BF-A256-1D99C2C119BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{F3AC03D2-6DF5-41FC-9134-5074152DC1FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{85236B60-8510-4962-A039-442199B7E40B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [TCP Query User{D7BFF43D-BD68-4795-9F10-CC2414640172}C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe
FirewallRules: [UDP Query User{2749F24A-06F7-47E2-8237-DBA29AAA32A9}C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe
FirewallRules: [TCP Query User{BA6C6BCC-C510-42A3-BEB7-B43566B20FF6}C:\games\crossout\launcher.exe] => (Allow) C:\games\crossout\launcher.exe
FirewallRules: [UDP Query User{1E2E2326-5E13-44A2-9B05-949006991CBE}C:\games\crossout\launcher.exe] => (Allow) C:\games\crossout\launcher.exe
FirewallRules: [TCP Query User{86F34CB4-FECB-4E40-A031-36E1AA2EEDAB}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe
FirewallRules: [UDP Query User{D776594B-6AA1-46C5-BE02-415E5B39D000}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe
FirewallRules: [TCP Query User{E069136B-0A20-490D-A63D-2CA2C74E7D20}C:\users\honza\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\honza\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{FA7D6576-4778-4A5A-B0BB-00FF2F142B6D}C:\users\honza\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\honza\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{E224A3F9-A59F-4EE9-8BBD-98DF4FD29EC1}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe
FirewallRules: [UDP Query User{953092F8-5437-4FD6-BCC2-136287D6795B}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe
FirewallRules: [TCP Query User{CE139119-B1DE-4A1C-B138-A4A697210616}C:\users\honza\counter-strike 1.6\hl.exe] => (Allow) C:\users\honza\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{753B7056-FAF4-44B6-B612-6A16CD7D9F5E}C:\users\honza\counter-strike 1.6\hl.exe] => (Allow) C:\users\honza\counter-strike 1.6\hl.exe
FirewallRules: [TCP Query User{E75E1797-527F-49FC-8A69-3818D33DB791}C:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{F4BEC977-1312-4E67-8EC7-3A40C7A40B06}C:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{7C046CEF-46F1-46E1-A426-9D8FB9FAD081}C:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{F70FF5ED-66E9-4CB4-9B9E-EBBD6C2B0B2D}C:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{D0F74C65-226E-47FD-9EB8-3456A8941342}C:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{6F7EF6C4-DA26-407F-BB06-AA4CA5B237F4}C:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{09F51426-EE5C-462C-A19B-9F3D92286FC6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{7D19C1F4-7ADE-417C-9CEB-DCA3B8BB7270}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{9C778055-A069-4827-9265-465FAC482954}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{2A1048F7-D31E-4DB3-A23E-8424EB8E15D7}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{348FBA48-7C80-4F6C-A12B-E07712F00DEE}] => (Allow) C:\Games\FlightGear 2017.3.1\bin\fgfs.exe
FirewallRules: [{ECBDFFF8-9BD7-42B6-A8FB-B6980111E6B6}] => (Allow) C:\Games\FlightGear 2017.3.1\bin\fgcom.exe
FirewallRules: [TCP Query User{35478FD9-D4E5-48DD-943C-BEADB24F5899}C:\users\honza\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\honza\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{CEF18ECD-F8C2-4D25-BADC-D9578FD88C16}C:\users\honza\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\honza\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A5CC6CC7-84BD-49DF-A22D-276CF2B66B7B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{5B0B2DBE-3303-4562-8861-4FB7ED5B20C8}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{128A2ADB-E371-4EC1-8035-7132CDCFE290}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\gu.exe
FirewallRules: [{3DCED428-61B3-46CF-9A95-A5FC5492138C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\gu.exe
FirewallRules: [{B8B04EB8-530B-4F77-A9C1-F018BAE6F397}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe
FirewallRules: [{6418296C-B523-432B-BDFA-A96A27E7BA84}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe
FirewallRules: [{77830913-9B05-41EE-AD6B-AE3C8396CF9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{56754D44-FF9A-4D6F-A05F-EFAC45607689}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{228BD518-F2A1-46D2-9CE0-79E84DCC80DB}C:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{5F23E4AC-5778-4051-9466-117024D2B858}C:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{3016A83B-152B-4D2F-AA31-F83A2A50FC27}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{ABD5F771-77B2-4FDF-B5E7-190AC8BF0703}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [TCP Query User{CFF9E6BB-11FD-4232-A7AA-D87170FF0078}C:\program files (x86)\ubisoft\ubisoft game launcher\games\rayman origins\rayman origins.exe] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\games\rayman origins\rayman origins.exe
FirewallRules: [UDP Query User{0343F172-FC64-4E07-ACEC-4041DDD7C9C7}C:\program files (x86)\ubisoft\ubisoft game launcher\games\rayman origins\rayman origins.exe] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\games\rayman origins\rayman origins.exe
FirewallRules: [TCP Query User{94BCB6E5-1CE5-45A5-9ABF-206DBAC97764}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{D550CA8B-1B4D-44FB-BAF0-8D1ADDB54EA4}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{D412002E-3892-490E-862A-BAD92D50559B}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe
FirewallRules: [{6CC22497-8CE6-4DAA-94D6-1B2429A80B8C}] => (Allow) C:\Games\World_of_Tanks_enCore\WoTEnCoreLauncher.exe
FirewallRules: [{06DEE1FD-1421-43D9-A060-4A5E3B53931E}] => (Allow) C:\Games\World_of_Tanks_enCore\WoTEnCoreLauncher.exe
FirewallRules: [{1627776A-CE92-48AB-97FF-15F78E0F2DCB}] => (Allow) C:\Games\World_of_Tanks_enCore\WorldOfTanksEnCoreLauncher.exe
FirewallRules: [{F785E918-4166-4BFD-8062-182BA5BFE4D6}] => (Allow) C:\Games\World_of_Tanks_enCore\WorldOfTanksEnCoreLauncher.exe
FirewallRules: [{E6A29E7F-D505-4F74-BFD9-9E02BA2AD332}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{3E16D526-2143-431A-BBD4-03BCBC8E3A2C}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{A7DFB8EF-5C30-4820-9B4B-5D6E32811C7A}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{6AC77636-2939-4E9F-95D2-A634FAB4EE8A}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [TCP Query User{627A8A8F-F378-42C1-A721-CFA979165C17}C:\games\world_of_tanks_ct\wotlauncher.exe] => (Allow) C:\games\world_of_tanks_ct\wotlauncher.exe
FirewallRules: [UDP Query User{96C9F255-7EA0-4717-AD5F-0EA90E5F99C3}C:\games\world_of_tanks_ct\wotlauncher.exe] => (Allow) C:\games\world_of_tanks_ct\wotlauncher.exe
FirewallRules: [TCP Query User{E1F82066-3D44-4FB5-B1E7-EA34FED1321D}C:\games\warthunder\launcher.exe] => (Allow) C:\games\warthunder\launcher.exe
FirewallRules: [UDP Query User{4D9B3101-047A-459B-A0DF-66AF4C1027D1}C:\games\warthunder\launcher.exe] => (Allow) C:\games\warthunder\launcher.exe
FirewallRules: [TCP Query User{5E63376C-D9CA-425D-B86C-FEBB01833604}C:\games\warthunder\win64\aces.exe] => (Block) C:\games\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{A3554BE8-923A-4AA2-B1D1-D0B460AD5AFB}C:\games\warthunder\win64\aces.exe] => (Block) C:\games\warthunder\win64\aces.exe
FirewallRules: [{2F4BDB23-E8A8-429E-BB5D-6A299B08FB00}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{1AF74BA3-218F-487F-BD3B-23711B095E85}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{FD3B1D77-E067-4FEE-B2D1-2A349D80F427}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{460E61A4-8BC7-4C5B-A801-58BD62C9E103}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{5122514C-7E30-4781-B994-36C24B480F4E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{8B2D9AE6-5403-4A58-B1AC-F6358122344E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{1B0DE5DC-B375-4F54-90B4-60B0E8FAB1C6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{2AE7E8C2-9039-447A-9E5D-1BF21C98AE2D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{7D7E6AB5-4299-45FF-A277-A1A7B6C2EC43}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{A0DE5B94-7A7E-451D-998A-5D72A544D60C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{03B39BBC-808C-4FA8-BA57-8BD76DCEC535}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{D2F9DD2B-54EA-4E91-9201-2A592DCE791A}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [TCP Query User{A2A2F80F-310F-490C-B74C-3EECAC52E6C7}C:\games\crossout\launcher.exe] => (Allow) C:\games\crossout\launcher.exe
FirewallRules: [UDP Query User{303119D7-51DD-4FFC-BA97-904F5A32B2D4}C:\games\crossout\launcher.exe] => (Allow) C:\games\crossout\launcher.exe
FirewallRules: [TCP Query User{D43C0DE6-3B74-4500-893A-3F68A732A646}C:\games\world_of_tanks_ct\wotlauncher.exe] => (Allow) C:\games\world_of_tanks_ct\wotlauncher.exe
FirewallRules: [UDP Query User{74854D24-DC23-443F-9669-F1199D3D201E}C:\games\world_of_tanks_ct\wotlauncher.exe] => (Allow) C:\games\world_of_tanks_ct\wotlauncher.exe
FirewallRules: [TCP Query User{D177BD14-DEA5-441A-AE86-5C3E68E375BB}C:\games\world_of_tanks_ct\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_ct\worldoftanks.exe
FirewallRules: [UDP Query User{2D6F3EEA-F482-41C8-BC2E-F7227DD55685}C:\games\world_of_tanks_ct\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_ct\worldoftanks.exe
FirewallRules: [TCP Query User{1FDA0C67-39CE-44FC-B5B4-005C0752004B}C:\games\world_of_tanks_ct\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_ct\worldoftanks.exe
FirewallRules: [UDP Query User{F10FB1BE-7458-4191-A0D1-65A0E7DE98B1}C:\games\world_of_tanks_ct\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_ct\worldoftanks.exe
FirewallRules: [{71FAC694-9289-4633-9A9D-F112E22CB0F1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{1CBE3D0E-962C-4B7C-B5D9-94FCF9FF7796}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [TCP Query User{9E97F50E-81D0-4069-973C-0A970FE31BF5}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{DBC71F37-4564-4AD6-8401-151D09396406}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{8BCFDD9B-FED4-49EF-8FAA-766378E706A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{97784A4E-65B1-44E3-B20A-C42D96ADCB20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{71182090-727C-449D-8A44-99FC8E422D21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{11F3D933-061D-4963-941F-D2ADD1D26B3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{D04AF6C7-F39D-4F2F-A898-74C015778811}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{61FDC57E-572F-432D-924D-5B05C18A28FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{325F0F78-E880-4FC6-AB3E-DD590C9B63F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{5C60CC6D-98CB-4628-9952-503FFD00E863}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{F52BACF9-EF9F-4C6F-81A9-8E0CCC5738BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{B4AAAFCD-2811-440F-86A1-39842CD7B570}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{07A888EF-BA81-45E9-B2D7-BD0423F15F8F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{C5ED1159-F08F-4EEB-A860-169D932AC2C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [TCP Query User{20C9ECEC-7DF6-4B90-A662-73169F3A4C55}C:\users\honza\documents\arouter\tftpd64.exe] => (Allow) C:\users\honza\documents\arouter\tftpd64.exe
FirewallRules: [UDP Query User{4B51B67C-44D3-4E79-856D-D7803D1D1DAE}C:\users\honza\documents\arouter\tftpd64.exe] => (Allow) C:\users\honza\documents\arouter\tftpd64.exe
FirewallRules: [TCP Query User{6DBA0EE2-E07B-47E9-9C4F-FC2D9D58C360}C:\users\honza\documents\arouter\tftpd64.exe] => (Allow) C:\users\honza\documents\arouter\tftpd64.exe
FirewallRules: [UDP Query User{8C7F560A-4346-496A-8CD6-05BB5D8C1DC3}C:\users\honza\documents\arouter\tftpd64.exe] => (Allow) C:\users\honza\documents\arouter\tftpd64.exe
FirewallRules: [{FA05EC02-E888-4F3E-9F16-A0D9AB71A0DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{069D1F04-6639-41C7-8B4B-039C54E82D47}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{BFF11F0C-218B-483C-9823-E9EC878A7E56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{9712F1E9-7C00-445E-93CF-3E02A4DDCC2B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{48215A26-5257-4241-8592-2E6C6E0DA105}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{ACBFF162-D628-4A8E-9323-C7D4942BAD9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{B2D7E178-A2F6-4E56-8396-2AA5D5C7EBAF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{95CD16DC-3DDD-4849-81D4-357721AB4830}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{688B83C0-D00B-459F-A6C8-2F623D867092}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{52FD7578-4136-44AD-A597-0CDCEC9E8268}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{BF9B6FCF-78FC-4355-A0F3-12888492CA69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{74C8E86A-C853-4BB6-8AD2-C697BBF9E15C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{515989F2-FA00-470B-8C29-8EAA4F4684C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{4393F8F0-37D6-41A8-A2FF-AA3EB4409DAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2015\F1_2015.exe
FirewallRules: [{3F949E02-5589-4AAC-85A8-5E437C33138E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2015\F1_2015.exe
FirewallRules: [{673CAE73-6964-4441-8626-48AF10F6D161}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GRID Autosport\GRIDAutosport.exe
FirewallRules: [{FDCEAC74-C4A8-427E-B3D5-3A597D3A4669}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GRID Autosport\GRIDAutosport.exe
FirewallRules: [{BC3BC41C-9940-4834-8A50-776BDF7AFD4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{9BAD6A60-9F8E-417E-9515-B1693B7183CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{371F1E2D-F302-4279-AD8F-E90EC86AB42D}] => (Allow) %systemroot%\system32\alg.exe

==================== Restore Points =========================

05-11-2018 14:07:18 Windows Update
09-11-2018 03:30:16 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (11/07/2018 04:43:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: netsh.exe, verze: 6.3.9600.17415, časové razítko: 0x54504281
Název chybujícího modulu: KERNELBASE.dll, verze: 6.3.9600.19153, časové razítko: 0x5b93ffa7
Kód výjimky: 0xc0000142
Posun chyby: 0x00000000000ecf30
ID chybujícího procesu: 0xf2c
Čas spuštění chybující aplikace: 0x01d476b0975afcad
Cesta k chybující aplikaci: C:\windows\system32\netsh.exe
Cesta k chybujícímu modulu: KERNELBASE.dll
ID zprávy: da51be3a-e2a3-11e8-8300-38b1db5e6223
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/02/2018 02:19:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.22013 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1d40

Čas spuštění: 01d472adf25d26aa

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: e73c1965-dea1-11e8-82f5-28d244e03fc1

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1

Error: (11/02/2018 10:25:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HONZA)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (11/01/2018 04:18:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: eurotrucks2.exe, verze: 1.32.3.13, časové razítko: 0x5bbe4207
Název chybujícího modulu: eurotrucks2.exe, verze: 1.32.3.13, časové razítko: 0x5bbe4207
Kód výjimky: 0xc000041d
Posun chyby: 0x0000000000111eb3
ID chybujícího procesu: 0x1b60
Čas spuštění chybující aplikace: 0x01d471ee8a238e65
Cesta k chybující aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
ID zprávy: 5a003f01-dde9-11e8-82f5-28d244e03fc1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/01/2018 04:18:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: eurotrucks2.exe, verze: 1.32.3.13, časové razítko: 0x5bbe4207
Název chybujícího modulu: eurotrucks2.exe, verze: 1.32.3.13, časové razítko: 0x5bbe4207
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000111eb3
ID chybujícího procesu: 0x1b60
Čas spuštění chybující aplikace: 0x01d471ee8a238e65
Cesta k chybující aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
ID zprávy: 5834fba6-dde9-11e8-82f5-28d244e03fc1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/01/2018 02:14:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: eurotrucks2.exe, verze: 1.32.3.13, časové razítko: 0x5bbe4207
Název chybujícího modulu: eurotrucks2.exe, verze: 1.32.3.13, časové razítko: 0x5bbe4207
Kód výjimky: 0xc000041d
Posun chyby: 0x0000000000111eb3
ID chybujícího procesu: 0x15a4
Čas spuštění chybující aplikace: 0x01d471e2c336e0d8
Cesta k chybující aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
ID zprávy: 1ce4d1e4-ddd8-11e8-82f5-28d244e03fc1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/01/2018 02:14:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: eurotrucks2.exe, verze: 1.32.3.13, časové razítko: 0x5bbe4207
Název chybujícího modulu: eurotrucks2.exe, verze: 1.32.3.13, časové razítko: 0x5bbe4207
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000111eb3
ID chybujícího procesu: 0x15a4
Čas spuštění chybující aplikace: 0x01d471e2c336e0d8
Cesta k chybující aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
ID zprávy: 19b0ab07-ddd8-11e8-82f5-28d244e03fc1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/30/2018 02:01:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: eurotrucks2.exe, verze: 1.32.3.13, časové razítko: 0x5bbe4207
Název chybujícího modulu: KERNELBASE.dll, verze: 6.3.9600.18938, časové razítko: 0x5a7ddf0a
Kód výjimky: 0xc0000025
Posun chyby: 0x0000000000008eac
ID chybujícího procesu: 0x80c
Čas spuštění chybující aplikace: 0x01d47044fa87585b
Cesta k chybující aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
Cesta k chybujícímu modulu: C:\windows\system32\KERNELBASE.dll
ID zprávy: f8a35f1b-dc43-11e8-82f5-28d244e03fc1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

System errors:
=============
Error: (11/10/2018 03:54:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba KMS Server Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/10/2018 03:53:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AppEx Networks Accelerator LWF neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/10/2018 03:52:29 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\windows\system32\Rtlihvs.dll

Error: (11/10/2018 03:52:29 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\windows\system32\Rtlihvs.dll

Error: (11/10/2018 03:52:27 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\windows\system32\Rtlihvs.dll

Error: (11/10/2018 03:52:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Service KMSELDI byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/10/2018 03:52:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SAMSUNG Mobile Connectivity Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/10/2018 03:52:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

==================== Memory info ===========================

Processor: AMD FX-7500 Radeon R7, 10 Compute Cores 4C+6G
Percentage of memory in use: 31%
Total physical RAM: 11194.61 MB
Available physical RAM: 7702.47 MB
Total Virtual: 11898.61 MB
Available Virtual: 8285.3 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:423.56 GB) (Free:59.11 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.16 GB) NTFS

\\?\Volume{86e167c3-99d9-4fc1-9316-a1947cf4a941}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.66 GB) NTFS
\\?\Volume{6d0486f5-e6c1-4e43-90f5-a74302ed494a}\ () (Fixed) (Total:0.78 GB) (Free:0.34 GB) NTFS
\\?\Volume{9eda61af-7b2f-4af0-89ed-6549ec6bcf63}\ (PBR_DRV) (Fixed) (Total:14.09 GB) (Free:2.15 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 16782464)

Partition: GPT.

==================== End of Addition.txt ============================

#5 Příspěvek od **Conder** » 11 lis 2018 00:03

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
File: C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
File: C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
File: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
File: C:\Windows\System32\HPZinw12.dll
File: C:\Windows\System32\HPZipm12.dll

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Policies\Explorer: [] 
CMD: type "C:\Users\Honza\Desktop\wifi.bat"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2184128150-3763628530-3428707980-1002 -> DefaultScope {0F2B12EB-5226-4078-874C-AD603E3D4B25} URL = 
SearchScopes: HKU\S-1-5-21-2184128150-3763628530-3428707980-1002 -> {0F2B12EB-5226-4078-874C-AD603E3D4B25} URL = 
FF NewTab: Mozilla\Firefox\Profiles\9a5gdns3.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10444__181017
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [No File]
CHR StartupUrls: Default -> "hxxp://fb.com/"
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Adaware Secure
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx
S2 KMSServerService; C:\windows\KMSServerService\KMS Server Service.exe [236032 2017-11-14] (My Digital Life Forums) [File not signed]
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [743616 2015-12-02] (@ByELDI) [File not signed]
C:\windows\KMSServerService
C:\Program Files\KMSpico
S2 APXACC; \SystemRoot\system32\DRIVERS\appexDrv.sys [X]
2018-11-10 15:52 - 2018-02-14 14:37 - 000000000 ____D C:\ProgramData\IObit
2018-11-10 15:52 - 2018-02-14 14:36 - 000000000 ____D C:\Users\Honza\AppData\Roaming\IObit
2018-11-10 15:52 - 2018-02-14 14:36 - 000000000 ____D C:\Users\Honza\AppData\LocalLow\IObit
2018-11-10 15:52 - 2018-02-14 14:36 - 000000000 ____D C:\Program Files (x86)\IObit
Task: {12E9410C-9AD6-44E6-BFA3-4312969AFCAC} - System32\Tasks\Driver Booster SkipUAC (Honza) => C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe
Task: {DE010163-A0B0-4EC3-92CA-23353A0523AB} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-12-02] (@ByELDI)
AlternateDataStreams: C:\Users\Honza:Heroes & Generals [38]
AlternateDataStreams: C:\Users\Public\AppData:CSM [468]
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1

C:\Program Files\IObit
C:\Program Files (x86)\IObit
C:\Program Files\Common Files\IObit
C:\ProgramData\IObit
C:\ProgramData\ProductData
C:\Users\Honza\AppData\Roaming\IObit
C:\Users\Honza\AppData\LocalLow\IObit
C:\Users\Honza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
C:\Users\Honza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
C:\Users\Default\AppData\Roaming\IObit
C:\Users\Default\AppData\LocalLow\IObit
C:\Users\Public\Desktop\*Driver Booster*
C:\Users\Public\Desktop\*Advanced SystemCare*
C:\Windows\IObit
C:\Windows\Tasks\ImCleanDisabled
C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare

Hosts:
EmptyTemp:
End

Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

honzahelios · #6 Příspěvek od **honzahelios** » 11 lis 2018 17:14

Hotovo, akorat me to vyhazelo addony z chromu, nastesti jsem to mel zalohovane.

Fix result of Farbar Recovery Scan Tool (x64) Version: 11.11.2018
Ran by Honza (11-11-2018 16:50:45) Run:1
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: Honza)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
File: C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
File: C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
File: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
File: C:\Windows\System32\HPZinw12.dll
File: C:\Windows\System32\HPZipm12.dll

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\...\Policies\Explorer: []
CMD: type "C:\Users\Honza\Desktop\wifi.bat"
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2184128150-3763628530-3428707980-1002 -> DefaultScope {0F2B12EB-5226-4078-874C-AD603E3D4B25} URL =
SearchScopes: HKU\S-1-5-21-2184128150-3763628530-3428707980-1002 -> {0F2B12EB-5226-4078-874C-AD603E3D4B25} URL =
FF NewTab: Mozilla\Firefox\Profiles\9a5gdns3.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10444__181017
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [No File]
CHR StartupUrls: Default -> "hxxp://fb.com/"
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Adaware Secure
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx
S2 KMSServerService; C:\windows\KMSServerService\KMS Server Service.exe [236032 2017-11-14] (My Digital Life Forums) [File not signed]
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [743616 2015-12-02] (@ByELDI) [File not signed]
C:\windows\KMSServerService
C:\Program Files\KMSpico
S2 APXACC; \SystemRoot\system32\DRIVERS\appexDrv.sys [X]
2018-11-10 15:52 - 2018-02-14 14:37 - 000000000 ____D C:\ProgramData\IObit
2018-11-10 15:52 - 2018-02-14 14:36 - 000000000 ____D C:\Users\Honza\AppData\Roaming\IObit
2018-11-10 15:52 - 2018-02-14 14:36 - 000000000 ____D C:\Users\Honza\AppData\LocalLow\IObit
2018-11-10 15:52 - 2018-02-14 14:36 - 000000000 ____D C:\Program Files (x86)\IObit
Task: {12E9410C-9AD6-44E6-BFA3-4312969AFCAC} - System32\Tasks\Driver Booster SkipUAC (Honza) => C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe
Task: {DE010163-A0B0-4EC3-92CA-23353A0523AB} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-12-02] (@ByELDI)
AlternateDataStreams: C:\Users\Honza:Heroes & Generals [38]
AlternateDataStreams: C:\Users\Public\AppData:CSM [468]
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1

C:\Program Files\IObit
C:\Program Files (x86)\IObit
C:\Program Files\Common Files\IObit
C:\ProgramData\IObit
C:\ProgramData\ProductData
C:\Users\Honza\AppData\Roaming\IObit
C:\Users\Honza\AppData\LocalLow\IObit
C:\Users\Honza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
C:\Users\Honza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
C:\Users\Default\AppData\Roaming\IObit
C:\Users\Default\AppData\LocalLow\IObit
C:\Users\Public\Desktop\*Driver Booster*
C:\Users\Public\Desktop\*Advanced SystemCare*
C:\Windows\IObit
C:\Windows\Tasks\ImCleanDisabled
C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========

Count : 832
Average :
Sum : 306861026
Maximum :
Minimum :
Property : Length

========= End of Powershell: =========

========================= File: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe ========================

C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
File not signed
MD5: E8AF3B2389A2C0F8235CACD8930FE97E
Creation and modification date: 2014-06-25 09:11 - 2014-06-25 09:11
Size: 000344064
Attributes: ----A
Company Name: Advanced Micro Devices, Inc.
Internal Name: Fuel
Original Name: Fuel.Service.exe
Product: AMD Fuel Service
Description: AMD Fuel Service
File Version: 1.0.0.0
Product Version: 1.0.0.0
Copyright: Copyright © 2009-2010 Advanced Micro Devices, Inc. All Rights Reserved
VirusTotal: https://www.virustotal.com/file/a0be6b1 ... 536749859/

====== End of File: ======

========================= File: C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe ========================

C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
File not signed
MD5: C5BDEB943AFF9331E7A1BCF024430B99
Creation and modification date: 2017-04-24 21:10 - 2017-04-24 21:10
Size: 000121856
Attributes: ----A
Company Name: Advanced Micro Devices
Internal Name: amdacp*.*
Original Name: amdacp*.*
Product: AMD ACP BINARY
Description: AMD ACP Binaries
File Version: 2017.0424.2109.30
Product Version: 2.16.50.0039
Copyright: © Advanced Micro Devices. All rights reserved.
VirusTotal: https://www.virustotal.com/file/0276a71 ... 539878502/

====== End of File: ======

========================= File: C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe ========================

C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
File not signed
MD5: 2A3FE426DBC136A22D69CD69A8C57896
Creation and modification date: 2014-09-16 03:45 - 2014-01-22 22:04
Size: 000084992
Attributes: ----A
Company Name:
Internal Name: BTDevManger
Original Name: BTDevMgr.exe
Product: Bluetooth Software
Description: Realtek Bluetooth BTDevManager Service Application
File Version: 1, 0, 30, 1
Product Version: 1, 0, 30, 1
Copyright: Realtek All Rights Reserved
VirusTotal: https://www.virustotal.com/file/931ec1c ... 527524588/

====== End of File: ======

========================= File: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL ========================

C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
File not signed
MD5: C995EA1C6915D897E06D41AF95B9312C
Creation and modification date: 2011-08-18 00:29 - 2011-08-18 00:29
Size: 001039360
Attributes: ----A
Company Name: Hewlett-Packard Co.
Internal Name: HPSLP??
Original Name: HPSLP??.DLL
Product: HP Digital Imaging
Description: HP Network Devices Support
File Version: 140.0.416.000
Product Version: 140.000.000.000
Copyright: Copyright (C) Hewlett-Packard Co. 1995-2010
VirusTotal: https://www.virustotal.com/file/65de659 ... 527191843/

====== End of File: ======

========================= File: C:\Windows\System32\HPZinw12.dll ========================

C:\Windows\System32\HPZinw12.dll
File not signed
MD5: 2334DC48997BA203B794DF3EE70521DB
Creation and modification date: 2010-08-06 10:15 - 2010-08-06 10:15
Size: 000071680
Attributes: ----A
Company Name: Hewlett-Packard
Internal Name: Dot4Net
Original Name: Dot4Net.DLL
Product: Bidi User Mode
Description: Dot4Net Module
File Version: 12,2,6,51
Product Version: 12,2,6,51
Copyright: Copyright © 2006, 2007 Hewlett-Packard
VirusTotal: 0

====== End of File: ======

========================= File: C:\Windows\System32\HPZipm12.dll ========================

C:\Windows\System32\HPZipm12.dll
File not signed
MD5: AC78DF349F0E4CFB8B667C0CFFF83CCE
Creation and modification date: 2010-08-06 10:15 - 2010-08-06 10:15
Size: 000089600
Attributes: ----A
Company Name: Hewlett-Packard
Internal Name: PmlDrv
Original Name: PmlDrv.DLL
Product: Bidi User Mode
Description: PmlDrv Module
File Version: 12,2,6,51
Product Version: 12,2,6,51
Copyright: Copyright © 2006, 2007 Hewlett-Packard
VirusTotal: 0

====== End of File: ======

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully

========= type "C:\Users\Honza\Desktop\wifi.bat" =========

netsh wlan set hostednetwork mode=allow ssid=*censored* key=*censored*
netsh wlan start hostednetwork
pause
netsh wlan stop hostednetwork
========= End of CMD: =========

HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2184128150-3763628530-3428707980-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0F2B12EB-5226-4078-874C-AD603E3D4B25} => not found
HKLM\Software\Classes\CLSID\{0F2B12EB-5226-4078-874C-AD603E3D4B25} => not found
"FF NewTab: Mozilla\Firefox\Profiles\9a5gdns3.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10444__181017" => not found
HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0 => removed successfully
"Chrome StartupUrls" => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nladljmabboanhihfkjacnnkgjhnokhj => removed successfully
HKLM\System\CurrentControlSet\Services\KMSServerService => removed successfully
KMSServerService => service removed successfully
HKLM\System\CurrentControlSet\Services\Service KMSELDI => removed successfully
Service KMSELDI => service removed successfully
C:\windows\KMSServerService => moved successfully
C:\Program Files\KMSpico => moved successfully
HKLM\System\CurrentControlSet\Services\APXACC => removed successfully
APXACC => service removed successfully
C:\ProgramData\IObit => moved successfully
C:\Users\Honza\AppData\Roaming\IObit => moved successfully
C:\Users\Honza\AppData\LocalLow\IObit => moved successfully
C:\Program Files (x86)\IObit => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12E9410C-9AD6-44E6-BFA3-4312969AFCAC}" => not found
"C:\windows\System32\Tasks\Driver Booster SkipUAC (Honza)" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Honza)" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DE010163-A0B0-4EC3-92CA-23353A0523AB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE010163-A0B0-4EC3-92CA-23353A0523AB}" => removed successfully
C:\windows\System32\Tasks\AutoPico Daily Restart => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart" => removed successfully
C:\Users\Honza => ":Heroes & Generals" ADS removed successfully
C:\Users\Public\AppData => ":CSM" ADS removed successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 => removed successfully
"C:\Program Files\IObit" => not found
"C:\Program Files (x86)\IObit" => not found
"C:\Program Files\Common Files\IObit" => not found
"C:\ProgramData\IObit" => not found
"C:\ProgramData\ProductData" => not found
"C:\Users\Honza\AppData\Roaming\IObit" => not found
"C:\Users\Honza\AppData\LocalLow\IObit" => not found

=========== "C:\Users\Honza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ==========

not found

========= End -> "C:\Users\Honza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ========

=========== "C:\Users\Honza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Honza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ========

"C:\Users\Default\AppData\Roaming\IObit" => not found
"C:\Users\Default\AppData\LocalLow\IObit" => not found

=========== "C:\Users\Public\Desktop\*Driver Booster*" ==========

not found

========= End -> "C:\Users\Public\Desktop\*Driver Booster*" ========

=========== "C:\Users\Public\Desktop\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Public\Desktop\*Advanced SystemCare*" ========

C:\Windows\IObit => moved successfully
C:\Windows\Tasks\ImCleanDisabled => moved successfully
C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216} => moved successfully
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 78735995 B
Java, Flash, Steam htmlcache => 385179772 B
Windows/system/drivers => 446101595 B
Edge => 0 B
Chrome => 777103455 B
Firefox => 276123664 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 254236 B
systemprofile32 => 128 B
LocalService => 107732 B
NetworkService => 0 B
Honza => 21314345 B

RecycleBin => 887798056 B
EmptyTemp: => 2.7 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 16:56:05 ====

honzahelios · #7 Příspěvek od **honzahelios** » 11 lis 2018 18:53

/skryl jsem si SSID a klic ze souboru wifi.bat, ktery pouzivam pro vytvoreni "hotspotu"

#8 Příspěvek od **Conder** » 11 lis 2018 23:37

To zmazanie Chrome addonov je zvlastne. Zmazalo to uplne vsetky addony?

Ako to vyzera s PC? Nastala nejaka zmena alebo su este nejake problemy?

honzahelios · #9 Příspěvek od **honzahelios** » 12 lis 2018 07:33

Uplne vsechny addony.
Zatim jsem nic dalsiho nezpozoroval.

#10 Příspěvek od **Conder** » 12 lis 2018 22:41

Spusti kontrolu integrity systemovych suborov:

Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca

Skopiruj a spusti prikaz:

Kód: Vybrat vše

DISM.exe /Online /Cleanup-image /Restorehealth

Po dokonceni skopiruj a spusti druhy prikaz:
Kód: Vybrat vše
```
sfc /scannow
```

Po dokonceni obidvoch prikazov skopiruj a spusti tento prikaz:

Kód: Vybrat vše

findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" && copy %windir%\logs\dism\dism.log %userprofile%\desktop\dism.txt

Na ploche sa vytvoria subory sfcdetails.txt a dism.txt, tieto subory zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
Restartuj PC a napis ako sa chova PC

VIRY.CZ

Prosim o preventivku

Prosim o preventivku

Re: Prosim o preventivku

Re: Prosim o preventivku

Re: Prosim o preventivku

Re: Prosim o preventivku

Re: Prosim o preventivku

Re: Prosim o preventivku

Re: Prosim o preventivku

Re: Prosim o preventivku

Re: Prosim o preventivku