Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosim o kontrolu..(jestli vycistit nebo reinstall)

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
hoblik007
Návštěvník
Návštěvník
Příspěvky: 66
Registrován: 21 čer 2005 21:03
Bydliště: Olomouc
Kontaktovat uživatele:

Prosim o kontrolu..(jestli vycistit nebo reinstall)

#1 Příspěvek od hoblik007 »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11.11.2018
Ran by Mara (administrator) on MARAHOME (13-11-2018 03:54:08)
Running from C:\Users\Mara\Desktop
Loaded Profiles: Mara (Available Profiles: Mara & Míša)
Platform: Microsoft Windows 7 Professional (X86) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Hagel Technologies Ltd) C:\Program Files\DU Meter\DUMeterSvc.exe
(www.ext2fsd.com) C:\Program Files\Ext2Fsd\Ext2Srv.exe
(Monect) C:\Program Files\PC Remote Receiver\MonectServerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Monect) C:\Program Files\PC Remote Receiver\PCRemoteReceiver.exe
() C:\Users\Mara\AppData\Roaming\DeReporting\DeReporting.exe
() C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Windows\System32\SndVol.exe
() C:\Program Files\SpeedFan\speedfan.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [3246384 2013-09-19] (O&O Software GmbH)
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\Run: [DU Meter] => C:\Program Files\DU Meter\DUMeter.exe [2645528 2008-06-10] (Hagel Technologies Ltd)
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\Run: [AMP WinOFF] => c:\program files\amp winoff\winoff.exe [1025024 2010-10-17] (Alberto Martínez Pérez)
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\MountPoints2: {6bf30111-2a9f-11e7-a2c4-806e6f6e6963} - D:\EVOLVEO.exe
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\MountPoints2: {8348f85e-82c7-11e8-9d8d-97c92c773f2b} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\MountPoints2: {e71d7552-deb2-11e8-bf0c-a174f39db544} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\MountPoints2: {e71d7578-deb2-11e8-bf0c-a174f39db544} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\MountPoints2: {f480d760-3281-11e7-8523-9158a7eba702} - E:\Autorun.exe
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\MountPoints2: {f480d762-3281-11e7-8523-9158a7eba702} - F:\Setup.exe
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [413696 2009-07-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2017-01-17]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
Startup: C:\Users\Míša\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk [2017-05-06]
ShortcutTarget: SpeedFan.lnk -> C:\Program Files\SpeedFan\speedfan.exe ()
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [94208 2006-02-28] (Apple Computer, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{38F41E72-C37C-4B4E-AF14-F291EC5BB2F9}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{4D46237B-2EEB-41D3-A00A-AB8008D0EBC5}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{98B48FEC-E99C-44B9-A066-1B28DD21AD3F}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{9B929CA0-A7BC-4F07-B05C-0657296A2FE1}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{DCE59FC9-ED8B-4E63-A92C-689ED0552F4A}: [DhcpNameServer] 192.168.42.129
ManualProxies: 0hxxp://no-blocked.org/wpad.dat?b8375e4895b2ea9ef53597e2e827679524530446

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-385729116-3703201098-1527315605-1000 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B66F9E696-F05F-4090-93C4-1D71132ED7E4%7D&gp=834429
SearchScopes: HKU\S-1-5-21-385729116-3703201098-1527315605-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-385729116-3703201098-1527315605-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-385729116-3703201098-1527315605-1000 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B66F9E696-F05F-4090-93C4-1D71132ED7E4%7D&gp=834429
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-07-19] (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-03-03] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-03-03] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-385729116-3703201098-1527315605-1000 -> No Name - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - No File

FireFox:
========
FF DefaultProfile: 2xo86nih.default
FF ProfilePath: C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default [2018-11-13]
FF user.js: detected! => C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\user.js [2018-01-31]
FF Homepage: Mozilla\Firefox\Profiles\2xo86nih.default -> hxxp://www.nirsoft.net/
FF Extension: (Free Download Manager extension) - C:\Users\Mara\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\fdm_ffext@freedownloadmanager.org [2017-10-09] [Legacy]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2018-04-15]
FF Extension: (FF Web Defender) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\Extensions\{046258c9-75c5-429d-8d5b-386cfbadc39d}.xpi [2017-12-26]
FF Extension: (YouTube Best Video Downloader 2) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\Extensions\{170503FA-3349-4F17-BC86-001888A5C8E2}.xpi [2018-04-24]
FF Extension: (Adobe Shockwave Flash Player) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\Extensions\{42baa93e-0cff-4289-b79e-6ae88df668c4}.xpi [2018-03-03]
FF Extension: (Download YouTube Videos as MP4) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2017-03-14] [Legacy]
FF Extension: (Telemetry coverage) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\features\{c2d23ce4-f914-4bd0-98be-a969c5ca19be}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-23] [Legacy]
FF SearchPlugin: C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\searchplugins\google-avast.xml [2017-02-15]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-22] ()
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-03-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-03-03] (Oracle Corporation)
FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BrowserPlugin\npBrowserPlugin.dll [2015-04-10] (Nero AG)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> inline.go.mail.ru
CHR StartupUrls: Default -> "hxxp://mail.ru/cnt/10445?gp=811600"
CHR Profile: C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default [2018-11-13]
CHR Extension: (Prezentace) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-13]
CHR Extension: (Dokumenty) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-13]
CHR Extension: (Disk Google) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-03]
CHR Extension: (YouTube) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-03]
CHR Extension: (Tabulky) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-05]
CHR Extension: (Gmail) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-03]
CHR Extension: (Chrome Media Router) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-01]
CHR HKLM\...\Chrome\Extension: [bhjhnafpiilpffhglajcaepjbnbjemci] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [dijfnbhlogmffhgpelodglnnkncadnbi] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [hcadgijmedbfgciegjomfpjcdchlhnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-385729116-3703201098-1527315605-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft Inc.)
S4 DbxSvc; C:\Windows\system32\DbxSvc.exe [40264 2017-01-21] (Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1142464 2017-02-07] (Disc Soft Ltd)
R2 DUMeterSvc; C:\Program Files\DU Meter\DUMeterSvc.exe [1386008 2008-06-10] (Hagel Technologies Ltd) [File not signed]
R2 Ext2Srv; C:\Program Files\Ext2Fsd\Ext2Srv.exe [34816 2016-07-09] (www.ext2fsd.com)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2017-03-11] (Macrovision Europe Ltd.) [File not signed]
S2 IObitUnSvr; C:\Program Files\IObit\IObit Uninstaller\IUService.exe [153360 2018-09-25] (IObit)
R2 MonectServerService; C:\Program Files\PC Remote Receiver\MonectServerService.exe [110592 2018-03-05] (Monect) [File not signed]
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [805752 2017-06-02] (Nero AG)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [468840 2018-01-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [468840 2018-01-10] (NVIDIA Corporation)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1377072 2013-09-19] (O&O Software GmbH)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
S3 WsAppService; C:\Program Files\Wondershare\WAF\2.4.2.222\WsAppService.exe [474768 2017-03-01] (Wondershare)
S3 WsDrvInst; C:\Program Files\Wondershare\MirrorGo\DriverInstall.exe [111328 2017-05-05] (Wondershare)
S2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]
S4 Hamachi2Svc; "C:\Program Files\LogMeIn Hamachi\hamachi-2.exe" -s [X]
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [32768 2016-09-01] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2012-07-03] (LG Electronics Inc.)
R3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [32896 2011-11-28] (AnvSoft Inc.) [File not signed]
R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1570304 2014-05-23] (Atheros Communications, Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [107648 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2017-05-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2017-05-06] (Disc Soft Ltd)
R1 Ext2fs; C:\Windows\System32\DRIVERS\ext2fs.sys [266800 2015-12-26] (Stephan Schreiber)
S0 Ext2Fsd; C:\Windows\system32\Drivers\Ext2Fsd.sys [710912 2016-07-09] (www.ext2fsd.com)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [File not signed]
R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [27040 2017-03-02] (LogMeIn, Inc.)
S3 HTCAND32; C:\Windows\System32\Drivers\ANDROIDUSB.sys [24576 2009-02-02] (HTC1124 Inc) [File not signed]
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2018-01-31] (REALiX(tm))
R0 IfsMount; C:\Windows\System32\DRIVERS\ifsmount.sys [59952 2015-12-23] (Stephan Schreiber)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [145664 2018-08-25] (ITE )
R3 IUProcessFilter; C:\Program Files\IObit\IObit Uninstaller\drivers\win7_x86\IUProcessFilter.sys [17264 2018-10-16] (IObit)
R3 IURegistryFilter; C:\Program Files\IObit\IObit Uninstaller\drivers\win7_x86\IURegistryFilter.sys [23440 2018-10-16] (IObit)
S3 mirrorv3; C:\Windows\System32\DRIVERS\rminiv3.sys [3328 2012-12-18] (Famatech International Corp.) [File not signed]
R3 monectdevices; C:\Windows\System32\DRIVERS\monectdevices.sys [14104 2013-12-03] ()
R3 MonitorFunction; C:\Windows\System32\DRIVERS\TVMonitor.sys [14848 2018-02-20] (TeamViewer GmbH)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29544 2018-01-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [53616 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [52072 2018-01-10] (NVIDIA Corporation)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [618112 2008-02-13] (PixArt Imaging Inc.) [File not signed]
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [17160 2015-03-05] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13064 2015-03-05] ()
S3 snpstd2; C:\Windows\System32\DRIVERS\snpstd2.sys [354688 2008-04-30] () [File not signed]
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [23040 2016-04-21] (The OpenVPN Project) [File not signed]
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13184 2016-02-18] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [20864 2012-03-02] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [25216 2012-03-02] (LG Electronics Inc.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [15872 2009-07-14] (Microsoft Corporation)
S3 VIA_USB_ETS_SS; C:\Windows\System32\DRIVERS\VIA_USB_ETS_SS.sys [18560 2012-04-17] (Via Telecom, Inc.) [File not signed]
S3 vncmirror; C:\Windows\System32\DRIVERS\vncmirror.sys [4608 2016-06-06] (RealVNC Ltd.) [File not signed]
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [119952 2016-07-16] (MBB)
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x32.sys [X]
S3 MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [X]
S3 ssudmdm; system32\DRIVERS\ssudmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-13 03:54 - 2018-11-13 03:54 - 000020252 _____ C:\Users\Mara\Desktop\FRST.txt
2018-11-13 03:54 - 2018-11-13 03:54 - 000000000 ____D C:\FRST
2018-11-13 03:53 - 2018-11-13 03:52 - 001775616 _____ (Farbar) C:\Users\Mara\Desktop\FRST.exe
2018-11-10 14:18 - 2018-11-10 14:16 - 073944455 _____ C:\Users\Mara\Documents\SoundWireServer.DMP
2018-11-10 13:24 - 2018-11-10 13:24 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioRelay.lnk
2018-11-10 13:24 - 2018-11-10 13:24 - 000000000 ____D C:\Program Files\AudioRelay
2018-11-10 07:03 - 2018-11-10 07:03 - 000001070 _____ C:\Users\Public\Desktop\SoundWire Server.lnk
2018-11-10 07:03 - 2018-11-10 07:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundWire Server
2018-11-10 07:03 - 2018-11-10 07:03 - 000000000 ____D C:\Program Files\SoundWire Server
2018-11-10 06:36 - 2018-11-10 07:01 - 000004959 _____ C:\Users\Mara\AppData\Roaming\wifi_speakers.dat
2018-11-10 05:00 - 2018-11-10 05:00 - 000000000 ____D C:\Users\Mara\AppData\Roaming\DeReporting
2018-11-10 02:46 - 2018-02-20 11:11 - 000014848 _____ (TeamViewer GmbH) C:\Windows\system32\Drivers\TVMonitor.sys
2018-11-10 01:32 - 2018-11-10 01:36 - 000000000 ____D C:\Users\Mara\AppData\Local\TeamViewer
2018-11-10 01:29 - 2018-11-11 08:38 - 000000000 ____D C:\Program Files\TeamViewer
2018-11-10 01:29 - 2018-11-10 01:57 - 000000000 ____D C:\Users\Mara\AppData\Roaming\TeamViewer
2018-11-10 01:29 - 2018-11-10 01:29 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
2018-11-10 01:29 - 2018-11-10 01:29 - 000000993 _____ C:\Users\Public\Desktop\TeamViewer 13.lnk
2018-11-10 01:20 - 2018-11-10 01:20 - 000000000 ____D C:\Users\Mara\Downloads\Chrome
2018-11-09 23:44 - 2018-11-09 23:47 - 000001257 _____ C:\Users\Mara\Desktop\Ribbons.lnk
2018-11-06 12:44 - 2018-11-06 12:45 - 000000097 _____ C:\aa.txt
2018-11-01 04:54 - 2018-11-01 04:54 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DU Meter
2018-11-01 04:54 - 2018-11-01 04:54 - 000000000 ____D C:\ProgramData\Hagel Technologies
2018-11-01 04:54 - 2018-11-01 04:54 - 000000000 ____D C:\Program Files\DU Meter
2018-11-01 04:43 - 2018-11-01 04:44 - 000000000 ____D C:\Users\Mara\AppData\Roaming\uTorrent
2018-11-01 04:43 - 2018-11-01 04:43 - 000000947 _____ C:\Users\Mara\Desktop\µTorrent.lnk
2018-11-01 04:43 - 2018-11-01 04:43 - 000000000 ____D C:\Users\Mara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2018-11-01 04:18 - 2018-11-01 04:18 - 000000060 _____ C:\Windows\Wininit.ini
2018-11-01 04:07 - 2018-11-01 04:10 - 000000000 ____D C:\NetMon
2018-10-31 20:39 - 2018-10-31 20:39 - 000000000 ____D C:\Users\Mara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaProducts Net Activity Diagram
2018-10-31 20:39 - 2018-10-31 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaProducts Net Activity Diagram
2018-10-29 20:25 - 2016-07-22 08:21 - 001121040 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2018-10-29 20:25 - 2016-07-22 08:21 - 000589944 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2018-10-29 20:25 - 2016-07-22 08:21 - 000107648 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys
2018-10-29 09:33 - 2018-10-29 09:33 - 000000000 ____D C:\Users\Mara\Documents\Smartisan
2018-10-29 08:09 - 2018-10-29 09:24 - 000000000 ____D C:\Users\Mara\AppData\Local\{003ACA6A-C058-424D-B955-A82DE5375C64}
2018-10-29 07:52 - 2018-11-07 01:37 - 000000000 ____D C:\Program Files\HandShaker
2018-10-27 22:48 - 2018-10-27 22:48 - 000002105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2018-10-27 22:48 - 2018-10-27 22:48 - 000002093 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2018-10-27 22:48 - 2018-10-27 22:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2018-10-22 15:18 - 2018-10-22 15:18 - 000040864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswa73dbf66c3c87bb5.tmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-13 03:52 - 2017-01-18 07:20 - 000000000 ____D C:\Install
2018-11-13 01:54 - 2017-01-18 07:11 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-13 01:54 - 2017-01-18 07:11 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-11-12 23:59 - 2017-01-17 18:20 - 000000000 ____D C:\Users\Mara\AppData\LocalLow\Mozilla
2018-11-12 11:32 - 2009-07-14 05:34 - 000014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-12 11:32 - 2009-07-14 05:34 - 000014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-11 20:49 - 2018-09-02 00:12 - 000000000 ____D C:\Filmy
2018-11-11 20:43 - 2017-01-19 17:24 - 000000000 ____D C:\Users\Mara\AppData\Local\Deployment
2018-11-11 13:30 - 2017-05-06 20:35 - 000000000 ____D C:\Program Files\SpeedFan
2018-11-11 09:07 - 2017-01-19 17:55 - 000000000 ____D C:\ProgramData\NVIDIA
2018-11-11 08:38 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-10 14:21 - 2018-03-03 14:12 - 000000000 ____D C:\Users\Mara\AppData\Local\CrashDumps
2018-11-10 14:14 - 2017-05-13 23:05 - 000007649 _____ C:\Users\Mara\AppData\Local\Resmon.ResmonCfg
2018-11-10 14:12 - 2017-02-19 02:27 - 000000000 ____D C:\KMPlayer
2018-11-10 13:24 - 2017-03-08 00:44 - 000000000 ____D C:\ProgramData\Package Cache
2018-11-10 06:35 - 2017-01-18 07:02 - 000063568 _____ C:\Users\Mara\AppData\Local\GDIPFONTCACHEV1.DAT
2018-11-10 05:00 - 2018-09-21 20:52 - 000000000 ____D C:\Users\Mara\Downloads\Nové
2018-11-10 03:41 - 2017-03-07 23:48 - 000000000 ____D C:\Program Files\LogMeIn Hamachi
2018-11-10 02:47 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2018-11-10 02:32 - 2017-03-07 23:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2018-11-10 02:08 - 2018-01-31 10:32 - 000000000 ____D C:\ProgramData\ProductData
2018-11-10 02:08 - 2017-01-17 18:15 - 001658672 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-10 02:08 - 2009-07-14 09:44 - 000698450 _____ C:\Windows\system32\perfh005.dat
2018-11-10 02:08 - 2009-07-14 09:44 - 000150272 _____ C:\Windows\system32\perfc005.dat
2018-11-10 02:02 - 2009-07-14 05:33 - 001634280 _____ C:\Windows\system32\FNTCACHE.DAT
2018-11-05 12:50 - 2018-10-13 09:22 - 000000000 ___HD C:\Users\Mara\Downloads\.tmp.drivedownload
2018-11-05 12:08 - 2018-01-31 10:31 - 000000000 ____D C:\ProgramData\IObit
2018-11-01 04:54 - 2009-07-14 05:52 - 000000000 ____D C:\Program Files\Windows Sidebar
2018-10-31 20:50 - 2018-10-13 09:32 - 000000000 ___HD C:\Users\Mara\Desktop\.tmp.drivedownload
2018-10-31 19:44 - 2018-10-13 08:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-10-31 19:44 - 2017-01-20 08:19 - 000002006 _____ C:\Users\Public\Desktop\Google Slides.lnk
2018-10-31 19:44 - 2017-01-20 08:19 - 000002004 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2018-10-31 19:44 - 2017-01-20 08:19 - 000001994 _____ C:\Users\Public\Desktop\Google Docs.lnk
2018-10-29 17:42 - 2017-08-07 16:31 - 000000000 ____D C:\Program Files\DIFX
2018-10-29 08:46 - 2017-01-19 09:27 - 000000000 ____D C:\Windows\system32\MRT
2018-10-29 08:38 - 2017-01-19 09:27 - 133674168 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-10-29 08:05 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\inetsrv
2018-10-27 22:48 - 2018-01-31 10:32 - 000000000 ____D C:\Program Files\Common Files\IObit
2018-10-27 22:48 - 2018-01-31 10:31 - 000000000 ____D C:\Program Files\IObit
2018-10-25 21:57 - 2017-02-02 17:01 - 000000000 ___SD C:\Users\Mara\AppData\LocalLow\Temp
2018-10-23 13:46 - 2017-03-03 09:01 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2018-10-22 15:31 - 2017-01-21 07:26 - 000000000 ____D C:\Users\Mara\AppData\Local\Adobe
2018-10-22 15:25 - 2017-01-21 07:27 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2018-10-22 15:25 - 2017-01-21 07:27 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2018-10-22 15:25 - 2017-01-21 07:27 - 000000000 ____D C:\Windows\system32\Macromed
2018-10-22 15:20 - 2017-03-03 09:02 - 000000000 ____D C:\Users\Mara\AppData\Roaming\Mozilla
2018-10-22 15:20 - 2017-03-03 09:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-10-22 15:18 - 2017-11-17 22:35 - 000397136 _____ (AVAST Software) C:\Windows\system32\Drivers\asw8b8f43e07af0892e.tmp
2018-10-22 15:18 - 2017-11-17 22:35 - 000310880 _____ (AVAST Software) C:\Windows\system32\Drivers\asw ec990e614644d65.tmp
2018-10-22 15:18 - 2017-11-17 22:35 - 000167648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswf854c82e47f3d3f2.tmp
2018-10-22 15:18 - 2017-11-17 22:35 - 000157112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswcdfb3cd8fc0e0a2e.tmp
2018-10-22 15:18 - 2017-11-17 22:35 - 000135368 _____ (AVAST Software) C:\Windows\system32\Drivers\asw5f63604a8b178ce5.tmp
2018-10-22 15:18 - 2017-11-17 22:35 - 000101152 _____ (AVAST Software) C:\Windows\system32\Drivers\asw11507f0bfc2c4062.tmp
2018-10-22 15:18 - 2017-11-17 22:35 - 000072968 _____ (AVAST Software) C:\Windows\system32\Drivers\asw71e551631202ad61.tmp
2018-10-22 15:18 - 2017-11-17 22:35 - 000042912 _____ (AVAST Software) C:\Windows\system32\Drivers\asw 22df3105cdb5a6c.tmp
2018-10-22 15:17 - 2017-12-24 10:04 - 000139008 _____ (AVAST Software) C:\Windows\system32\Drivers\asw1b5ef4eb81580914.tmp
2018-10-22 15:17 - 2017-11-17 22:35 - 000784728 _____ (AVAST Software) C:\Windows\system32\Drivers\asw4beda3425c002a0c.tmp
2018-10-22 15:17 - 2017-11-17 22:35 - 000284424 _____ (AVAST Software) C:\Windows\system32\Drivers\asw19a4eb8483f5abb5.tmp
2018-10-22 15:17 - 2017-11-17 22:35 - 000188952 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3200c309ec33e2a8.tmp
2018-10-22 15:17 - 2017-11-17 22:35 - 000165552 _____ (AVAST Software) C:\Windows\system32\Drivers\asw4fda499ecc7c1787.tmp
2018-10-22 15:17 - 2017-11-17 22:35 - 000058072 _____ (AVAST Software) C:\Windows\system32\Drivers\asw5fa794c4301515ae.tmp
2018-10-21 11:34 - 2018-07-31 18:42 - 000000000 ____D C:\Users\Mara\AppData\Local\AVAST Software
2018-10-21 11:31 - 2017-01-17 18:33 - 000000452 __RSH C:\ProgramData\ntuser.pol
2018-10-20 13:11 - 2017-03-11 10:36 - 000000000 ____D C:\Program Files\Bonjour

==================== Files in the root of some directories =======

2018-10-13 08:40 - 2018-10-13 09:01 - 007649280 _____ () C:\Program Files\GUT8005.tmp
2018-11-10 06:36 - 2018-11-10 07:01 - 000004959 _____ () C:\Users\Mara\AppData\Roaming\wifi_speakers.dat
2017-05-13 23:05 - 2018-11-10 14:14 - 000007649 _____ () C:\Users\Mara\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2018-11-10 05:00 - 2018-11-10 05:00 - 000580608 _____ () C:\Users\Mara\AppData\Local\Temp\4716656.exe
2018-10-14 06:08 - 2009-07-14 02:15 - 000857088 _____ (Microsoft Corporation) C:\Users\Mara\AppData\Local\Temp\kernel32.dll
2018-10-15 06:27 - 2018-11-11 13:30 - 000192512 _____ () C:\Users\Mara\AppData\Local\Temp\sfamcc00001.dll
2018-10-31 17:52 - 2018-10-31 17:52 - 000192512 _____ () C:\Users\Mara\AppData\Local\Temp\sfamcc00002.dll
2018-11-11 13:30 - 2018-11-11 13:30 - 000158720 _____ () C:\Users\Mara\AppData\Local\Temp\sfareca00001.dll
2018-09-02 00:31 - 2018-09-20 17:48 - 000192512 _____ () C:\Users\Míša\AppData\Local\Temp\sfamcc00001.dll
2018-09-17 18:29 - 2018-09-17 18:29 - 000192512 _____ () C:\Users\Míša\AppData\Local\Temp\sfamcc00002.dll
2018-09-20 17:48 - 2018-09-20 17:48 - 000158720 _____ () C:\Users\Míša\AppData\Local\Temp\sfareca00001.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2009-07-14 00:24] - [2009-07-14 02:16] - 000811520 _____ (Microsoft Corporation) 8626F0C30D4E3564FFDD25C90F4426F1

C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-04 12:34

==================== End of FRST.txt ============================

.
.
.
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11.11.2018
Ran by Mara (13-11-2018 03:54:53)
Running from C:\Users\Mara\Desktop
Microsoft Windows 7 Professional (X86) (2017-01-17 17:08:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-385729116-3703201098-1527315605-500 - Administrator - Disabled)
Guest (S-1-5-21-385729116-3703201098-1527315605-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-385729116-3703201098-1527315605-1006 - Limited - Enabled)
Mara (S-1-5-21-385729116-3703201098-1527315605-1000 - Administrator - Enabled) => C:\Users\Mara
Míša (S-1-5-21-385729116-3703201098-1527315605-1004 - Administrator - Enabled) => C:\Users\Míša

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 30 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM\...\Adobe_4977c84bcdc298c444ccfbdcccb660d) (Version: 10.0 - Adobe Systems Incorporated)
Advanced IP Scanner 2.5 (HKLM\...\{6ABB4DB7-5E8F-4F7A-AAF2-C7B4337B7161}) (Version: 2.5.3233 - Famatech)
Advanced Port Scanner 2.4 (HKLM\...\{10F177CF-543F-4BC2-A297-DBF73709D3C5}) (Version: 2.4.2750 - Famatech)
Aktualizace NVIDIA 31.0.11.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.11.0 - NVIDIA Corporation) Hidden
AMP WinOFF 5.0.1 (HKLM\...\AMP WinOFF) (Version: 5.0.1 - Alberto Martinez Perez)
Any Video Converter Ultimate 6.1.2 (HKLM\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio FREE (HKLM\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Audio MP3 Editor 5.80 (HKLM\...\Audio MP3 Editor_is1) (Version: - audio2x.com)
AudioRelay version 0.4.4 (HKLM\...\{86705A3A-8AAB-4C7C-B311-A0426548373F}_is1) (Version: 0.4.4 - azEfsw)
Backup and Sync from Google (HKLM\...\{36F77FB6-DB7A-4293-ADF6-D8B081F27DD6}) (Version: 3.43.1584.4446 - Google, Inc.)
Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Balíček ovladače systému Windows - MediaTek Inc. (usbser) Ports (01/05/2012 2.0000.0.1) (HKLM\...\49D9ABA9270C5BDFD7AE1BEB607D36B26BB90235) (Version: 01/05/2012 2.0000.0.1 - MediaTek Inc.)
Balíček ovladače systému Windows - MediaTek Inc. (usbser) Ports (12/24/2011 2.0000.0.0) (HKLM\...\D0E6296D177F42BB31C0200E49412003DB6C4633) (Version: 12/24/2011 2.0000.0.0 - MediaTek Inc.)
Balíček ovladače systému Windows - MediaTek Inc. Net (07/14/2011 1.1129.00) (HKLM\...\8BC3CF920AF63C7AEF78B82D1C60D94704FB95CD) (Version: 07/14/2011 1.1129.00 - MediaTek Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
DeReporting (HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\DeReporting) (Version: 1.0 - DeReporting)
DU Meter (HKLM\...\DUMeter3_is1) (Version: 4.01 Build R3076 - Hagel Technologies Ltd)
DVD to ISO (HKLM\...\{646E7341-F4F6-46E1-A6AE-2A91FED3F0E8}_is1) (Version: - dvdtoiso.com)
Ext2 IFS 1.12 for Windows 7/Server 2008 R2 (HKLM\...\Ext2Ifs_for_NT601) (Version: - )
Ext2Fsd 0.68 (HKLM\...\Ext2Fsd_is1) (Version: 0.68 - Matt Wu)
Google Earth Pro (HKLM\...\{BF354C72-AC4C-4A87-8D42-B089862BAE58}) (Version: 7.3.2.5491 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
IObit Uninstaller 8 (HKLM\...\IObitUninstall) (Version: 8.1.0.13 - IObit)
Java 8 Update 161 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 4.1.5.8 - PandoraTV)
Lelohase version 5.0 (HKLM\...\Lelohase_is1) (Version: 5.0 - )
LG Flash (HKLM\...\{85173EC7-6F7F-4E6F-92BB-F8A14DC7A38C}) (Version: 2.0.1.6 - LG) Hidden
LG Flash (HKLM\...\LG Flash 2.0.1.6) (Version: 2.0.1.6 - LG)
LG Mobile Driver (HKLM\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.2.0 - LG Electronics)
LG United Mobile Driver (HKLM\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.8.1 - LG Electronics)
LG USB WML Modem Driver (HKLM\...\{FBA0CA60-8BF2-4381-B819-74F020E165A9}) (Version: 1.0 - LG Electronics)
LGFlashTool 1.8.1.1023 (HKLM\...\LGFlashTool) (Version: 1.8.1.1023 - LGE)
LGUP 8994 DLL (HKLM\...\{4504D6ED-2584-4CCA-9B24-3B09277473DF}) (Version: 0.0.3.23 - LG Electronics)
LogMeIn Hamachi (HKLM\...\{91B5DF26-717A-4A5F-AB10-CD450FAD428C}) (Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
MediaTek Driver Packages version 5.14.53.00 (HKLM\...\MediaTek Driver Packages_is1) (Version: 5.14.53.00 - MediaTek.Inc.)
MediaTek SP Driver version 5.16.32.04 (HKLM\...\MediaTek SP Driver_is1) (Version: 5.16.32.04 - MediaTek.Inc.)
Microsoft .NET Core 2.1.5 - Windows Server Hosting (HKLM\...\{a8c51303-1ef5-45a9-a888-ca9ef21982a9}) (Version: 2.1.13320.0 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Research Mesh Virtual WIFI (HKLM\...\{034A32D5-699E-4AED-A2EB-2CCB6E7F37F1}) (Version: 1.0.000 - Microsoft Research)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
MiniTool Partition Wizard Professional Edition 9.1 (HKLM\...\{2991A446-D356-44EC-930A-42E8B02A67C0}_is1) (Version: - MiniTool Solution Ltd.)
MozBackup 1.5.1 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 62.0.3 (x86 cs) (HKLM\...\Mozilla Firefox 62.0.3 (x86 cs)) (Version: 62.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.3.6848 - Mozilla)
Mp3 Audio Editor (HKLM\...\Mp3 Audio Editor) (Version: - Mp3AudioEditor Inc.)
MP3 Normalizer (HKLM\...\MP3 Normalizer) (Version: 1.02 - mp3-soft.com)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Need for Speed Underground 2 (HKLM\...\Need for Speed Underground 2) (Version: - )
Need for Speed™ Most Wanted (HKLM\...\{ADE91A13-434D-4229-00BC-182BAD607303}) (Version: - )
Nero Info (HKLM\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
Nero MediaHome Free (HKLM\...\{4C4E731B-FFBC-4CD4-967E-B468E61C89F4}) (Version: 16.0.03300 - Nero AG)
NirSoft NK2Edit (HKLM\...\NirSoft NK2Edit) (Version: - )
NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 309.08 - NVIDIA Corporation)
O&O Defrag Professional (HKLM\...\{41DB3D33-D655-40BB-8BF3-824768DD6170}) (Version: 17.0.420 - O&O Software GmbH)
OpenOffice 4.1.3 (HKLM\...\{7308600A-5231-459C-A3E2-A637F842CACA}) (Version: 4.13.9783 - Apache Software Foundation)
Ovládací panel NVIDIA 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 309.08 - NVIDIA Corporation) Hidden
PC Remote Receiver 5.8.0 (HKLM\...\PC Remote Receiver) (Version: 5.8.0 - monect.com)
PDF Settings (HKLM\...\{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Prerequisite installer (HKLM\...\{799AFA36-4EA5-4323-8689-74C06645A26B}) (Version: 16.0.0004 - Nero AG) Hidden
Samsung Kies (HKLM\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
SDÍLEJ.CZ Manager (HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\69f070f18ade444c) (Version: 0.0.1.42 - SDÍLEJ.CZ)
SoundWire Server version 2.5 (HKLM\...\{E15658BC-7742-4397-999F-98B1BD11B784}_is1) (Version: 2.5 - GeorgieLabs)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
TeamViewer 13 (HKLM\...\TeamViewer) (Version: 13.2.26558 - TeamViewer)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 9.0a - Ghisler Software GmbH)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
USB PC Camera (SN9C103) (HKLM\...\{EADAA6F7-991F-4CE9-B5CE-FCF3D81F7C7D}) (Version: 4.18.0.000 - Sonix)
USB Serial Port Driver (x86) (HKLM\...\{18800668-6583-4E75-ACDB-583DBB9E5F08}) (Version: 2013.30.0.313 - Nokia)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (05/11/2014 4.1.0000.00000) (HKLM\...\87222192CAFC6995E0CFC9B7690CF03A8B411292) (Version: 05/11/2014 4.1.0000.00000 - Google, Inc.)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/11/2009 2.0.0010.00002) (HKLM\...\256CD808BFEEBAFFBD9071CA2C9D2D633E524FC9) (Version: 08/11/2009 2.0.0010.00002 - Google, Inc.)
Windows Driver Package - Qualcomm (qcusbnet) Net (07/29/2011 1.0.6.5) (HKLM\...\2F53F0A0FCEDAFD3CCCB1439CAAE0738B4BAFBFB) (Version: 07/29/2011 1.0.6.5 - Qualcomm)
Windows Driver Package - Qualcomm Incorporated (qcusbser) Modem (07/29/2011 2.0.8.7) (HKLM\...\6BF6A4AE61C76DD6CBA31ACB5852032BA320D4E4) (Version: 07/29/2011 2.0.8.7 - Qualcomm Incorporated)
Windows Driver Package - Qualcomm Incorporated (qcusbser) Ports (07/29/2011 2.0.8.7) (HKLM\...\B041351E684D13DF6500880671EDDA42E3285328) (Version: 07/29/2011 2.0.8.7 - Qualcomm Incorporated)
WinRAR 5.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Wondershare MirrorGo(Version 1.9.0) (HKLM\...\{EE843B49-D9BC-4A9E-A8A7-B9F14C0381C7}_is1) (Version: 1.9.0 - Wondershare)
Zoner Photo Studio 15 (HKLM\...\ZonerPhotoStudio15_CZ_is1) (Version: 15.0.1.5 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-385729116-3703201098-1527315605-1000_Classes\CLSID\{DB450005-9764-11D6-819E-005056C00008}\localserver32 -> C:\Users\Mara\AppData\Local\Temp\is-E9Q19.tmp\DUMeter-Install.tmp => No File
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [0WinSecurityProvider] -> {F76FA5C2-3B6A-451E-8CA5-34C8D0AE0637} => C:\ProgramData\Microsoft\Security\Client\SecurityProvider.dll [2018-11-01] ()
ContextMenuHandlers1: [Advanced SystemCare] -> [CC]{2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-10-04] (Google)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit)
ContextMenuHandlers1: [OODefrag] -> [CC]{48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers2: [Advanced SystemCare] -> [CC]{2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers2: [OODefrag] -> [CC]{48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => -> No File
ContextMenuHandlers4: [Advanced SystemCare] -> [CC]{2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-10-04] (Google)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-01-31] (NVIDIA Corporation)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit)
ContextMenuHandlers6: [OODefrag] -> [CC]{48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => -> No File
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1_S-1-5-21-385729116-3703201098-1527315605-1000: [DropboxExt] -> [CC]{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => -> No File
ContextMenuHandlers5_S-1-5-21-385729116-3703201098-1527315605-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01EB063A-19F8-428C-A4C1-F90E18B538E0} - \httpnewsfor24smocomhotsmartsm -> No File <==== ATTENTION
Task: {075351FB-2F9E-4784-B0EE-60FC31CD5AEC} - \{3FC65EF9-9158-4A54-91BF-7C9DE9B8618F} -> No File <==== ATTENTION
Task: {11B03A02-28EA-49B7-9554-8B17DF022532} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-10] (NVIDIA Corporation)
Task: {1B7871FF-5887-4025-9779-DFFC1A5849C8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-10-31] (AVAST Software)
Task: {380AE368-69A2-4EE6-A310-B77040305A99} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-01-10] (NVIDIA Corporation)
Task: {41E3D6C4-3D9B-4CFF-9302-38604E4198E1} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [2018-10-22] (Adobe Systems Incorporated)
Task: {4A89C20B-93E7-4A1D-A25C-357EEDCD6C9E} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation)
Task: {4FE1784D-91CE-4BDE-B6E3-29CE7ED41083} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-01-10] (NVIDIA Corporation)
Task: {5633A4B0-58B8-41DB-87E5-21691F7E37E9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-01-18] (Google Inc.)
Task: {61A25131-BC2F-4336-96C4-1B28E76F818E} - \{BB9D3ED9-7B80-4B5E-8736-BB7F43F74B5E} -> No File <==== ATTENTION
Task: {7C7F4BF1-8EE6-49AF-B365-686865ED4473} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
Task: {7D4677BD-98AD-400B-895B-B831076DFFE1} - System32\Tasks\{AA7C8680-1EE5-42AF-B7E7-760DC7128344} => C:\Windows\system32\pcalua.exe -a "C:\PROGRAM FILES\CONMET\ConMet.exe" -c /uninstall
Task: {A45B472D-2204-4D0F-BCBD-67605661C1FF} - System32\Tasks\ErrorFixKIT => C:\Program Files\ErrorFix KIT\ErrorFixKIT.exe
Task: {B0131950-11EE-4940-98FE-7E50C92DA70F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {B10DB050-4E83-472D-8029-AF978D79B2F1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-01-10] (NVIDIA Corporation)
Task: {B55D2426-0CC9-4B12-81D2-8D505ED17B9D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-19] (Piriform Ltd)
Task: {C2CC99F0-94E2-449B-998C-00F9FDFC34E3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [2018-01-10] (NVIDIA Corporation)
Task: {C5EBE1B5-9099-4A0A-A716-527028F2EBFD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-22] (Adobe Systems Incorporated)
Task: {C7D9BAAB-AE7C-4249-9FD2-A26717050520} - System32\Tasks\DeReporting => C:\Users\Mara\AppData\Roaming\DeReporting\DeReporting.exe [2018-11-10] () <==== ATTENTION
Task: {CFFB1575-F11D-4BB3-A133-995948A03CBB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [2018-01-10] (NVIDIA Corporation)
Task: {D33AA5D3-5B3B-400C-A6DC-964B03FDAFE0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-01-18] (Google Inc.)
Task: {E09B079E-0295-4577-AEA8-D628361422F1} - System32\Tasks\Nero\Nero Info => C:\Program Files\Common Files\Nero\Nero Info\NeroInfo.exe [2015-06-04] (Nero AG)
Task: {EF6F7AB9-ADDA-4831-A092-DA631839DD84} - System32\Tasks\Driver Booster SkipUAC (Mara) => C:\Program Files\IObit\Driver Booster\5.2.0\DriverBooster.exe
Task: {FDC2200B-29EA-41D8-A9A4-D2F762714E23} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-19] (Piriform Ltd)
Task: {FE288029-E149-4797-B55A-30FB84FB472A} - System32\Tasks\Uninstaller_SkipUac_Mara => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2018-10-17] (IObit)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Mara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Samsung Galaxy Ace - Guide - Cygwin-Odin\Cygwin Terminal.lnk -> C:\cygwin\Cygwin.bat (No File)

ShortcutWithArgument: C:\Users\Mara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> url,FileProtocolHandler "hxxp://www.mail.ru/cnt/20775012?gp=811550"
ShortcutWithArgument: C:\Users\Mara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) ==============

2018-03-24 08:28 - 2015-01-31 01:48 - 000078480 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2018-03-03 10:54 - 2018-01-10 15:05 - 001042280 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-11-01 04:47 - 2018-11-01 04:47 - 004488704 _____ () C:\ProgramData\Microsoft\Security\Client\SecurityProvider.dll
2018-11-01 04:47 - 2018-11-01 04:47 - 002844672 _____ () C:\ProgramData\Microsoft\Security\Client\SecurityHelper.dll
2018-11-10 05:00 - 2018-11-10 05:00 - 000580608 _____ () C:\Users\Mara\AppData\Roaming\DeReporting\DeReporting.exe
2017-01-17 18:14 - 2014-05-23 16:36 - 000847872 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
2017-01-17 18:14 - 2014-05-23 16:36 - 001411072 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2017-01-17 18:14 - 2014-05-23 16:36 - 000193024 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2017-01-17 18:14 - 2014-05-23 16:36 - 000137728 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll
2017-01-17 18:14 - 2014-05-23 16:36 - 000115712 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.DLL
2018-10-30 21:56 - 2018-10-23 22:45 - 004238168 _____ () C:\Program Files\Google\Chrome\Application\70.0.3538.77\libglesv2.dll
2018-10-30 21:56 - 2018-10-23 22:45 - 000096600 _____ () C:\Program Files\Google\Chrome\Application\70.0.3538.77\libegl.dll
2018-10-27 22:48 - 2018-05-02 16:42 - 000442128 _____ () C:\Program Files\IObit\IObit Uninstaller\madExcept_.bpl
2018-10-27 22:48 - 2018-05-02 16:42 - 000210704 _____ () C:\Program Files\IObit\IObit Uninstaller\madBasic_.bpl
2018-10-27 22:48 - 2018-05-02 16:42 - 000059664 _____ () C:\Program Files\IObit\IObit Uninstaller\madDisAsm_.bpl
2016-06-29 19:01 - 2016-06-29 19:01 - 008166536 _____ () C:\Program Files\SpeedFan\speedfan.exe
2018-11-11 13:30 - 2018-11-11 13:30 - 000158720 _____ () C:\Users\Mara\AppData\Local\Temp\sfareca00001.dll
2018-10-15 06:27 - 2018-11-11 13:30 - 000192512 _____ () C:\Users\Mara\AppData\Local\Temp\sfamcc00001.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2018-10-22 15:17 - 000000000 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-385729116-3703201098-1527315605-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mara\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: FsUsbExService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: TrueKey => 2
MSCONFIG\Services: TrueKeyScheduler => 2
MSCONFIG\Services: TrueKeyServiceHelper => 3
MSCONFIG\Services: vncserver => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk => C:\Windows\pss\O&O Defrag Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SPDriverInstall.lnk => C:\Windows\pss\SPDriverInstall.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk => C:\Windows\pss\TMMonitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Universal Media Server.lnk => C:\Windows\pss\Universal Media Server.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Míša^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IPMSG for Win.lnk => C:\Windows\pss\IPMSG for Win.lnk.Startup
MSCONFIG\startupreg: Advanced SystemCare 11 => "C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe" /Auto
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: AutoStartNPSAgent => C:\Users\Mara\samsung\NPSAgent.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: ConMet => C:\Program Files\ConMet\ConMet.exe
MSCONFIG\startupreg: Connectify Hotspot => C:\Program Files\Connectify\Connectify.exe autorun
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: Dropbox => "C:\Program Files\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: Free Download Manager => "C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe" --minimized
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: JetVoice => "C:\Users\Mara\Downloads\JETVOICE.EXE" AUTORUN
MSCONFIG\startupreg: KiesPDLR.exe => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: MailRuUpdater => C:\Users\Mara\AppData\Local\Mail.Ru\MailRuUpdater.exe
MSCONFIG\startupreg: Monitor => C:\Windows\PixArt\PAC207\Monitor.exe
MSCONFIG\startupreg: netmon.exe => C:\Program Files\netmon\netmon.exe
MSCONFIG\startupreg: NPSStartup =>
MSCONFIG\startupreg: OODefragTray => C:\Program Files\OO Software\Defrag\oodtray.exe
MSCONFIG\startupreg: PAC207_Monitor => C:\Windows\PixArt\PAC207\Monitor.exe
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: snpstd2 => C:\Windows\vsnpstd2.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{52D11CA5-B39F-4ABD-A1C0-16C94110A2F0}] => (Allow) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{F130144D-D6E0-4006-A26E-5BA7485BC874}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{02E69BAB-5D4A-4D4F-B1F5-BF0A5A05174C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{F63E1C48-939B-408B-A1DF-7A2B478F350C}C:\program files\ea games\need for speed underground 2\speed2.exe] => (Allow) C:\program files\ea games\need for speed underground 2\speed2.exe
FirewallRules: [UDP Query User{B72D020A-2346-4D2C-83C1-3BD302B0849C}C:\program files\ea games\need for speed underground 2\speed2.exe] => (Allow) C:\program files\ea games\need for speed underground 2\speed2.exe
FirewallRules: [TCP Query User{7060C3D0-DF5D-4350-9151-8C338CCFD52C}C:\program files\wondershare\mirrorgo\mirrorgo.exe] => (Allow) C:\program files\wondershare\mirrorgo\mirrorgo.exe
FirewallRules: [UDP Query User{066DC2FC-E788-467E-8218-E2C78DABEC7B}C:\program files\wondershare\mirrorgo\mirrorgo.exe] => (Allow) C:\program files\wondershare\mirrorgo\mirrorgo.exe
FirewallRules: [TCP Query User{E34F2320-5F11-4EB6-894A-74068BABE7D4}C:\program files\wondershare\mirrorgo\mirrorgo.exe] => (Allow) C:\program files\wondershare\mirrorgo\mirrorgo.exe
FirewallRules: [UDP Query User{7A58F333-A31F-408C-A81E-5B2849B87E2A}C:\program files\wondershare\mirrorgo\mirrorgo.exe] => (Allow) C:\program files\wondershare\mirrorgo\mirrorgo.exe
FirewallRules: [{2B750154-8AFB-446F-A2CE-7C119BD6A59D}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{619A0099-6652-4146-920F-5B8CE566C306}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{12336298-9BE9-47D2-AD56-A8EF93F5407A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F79423ED-882D-49E7-BD22-9DE9CCBF167D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{50663A96-9C01-44BD-A830-1E63DFEEEBD8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{CB52D2CA-9DAD-4BEA-9EAD-9C9A707883E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F8415E54-AB09-46D1-8685-AE3C325504D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{084618D0-6E79-4EF5-B876-621BBE6312D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AC59438F-53C5-4C7A-9FB9-57C727EB05BC}] => (Allow) C:\Program Files\Samsung\Kies\Kies.exe
FirewallRules: [{18579335-54F1-4D86-A885-86178EB3D130}] => (Allow) C:\Program Files\Samsung\Kies\Kies.exe
FirewallRules: [{F411102D-5357-4759-B100-B16F42EF495D}] => (Allow) C:\Program Files\Samsung\Kies\Kies.exe
FirewallRules: [{2346A297-3F02-4844-A408-DFEC88D7E110}] => (Allow) C:\Program Files\Samsung\Kies\Kies.exe
FirewallRules: [{C98325C9-4CE6-4CE5-AA44-39954578BAFE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{019EDEE0-9D51-4EE1-81DC-06869DEA9601}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{27E72474-735D-4A65-9AB3-31C9AB3A620C}C:\program files\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [UDP Query User{1CA05547-0023-449F-889D-58D710DB8243}C:\program files\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [TCP Query User{DE1A2F34-B26D-4691-9738-9F4FC442923C}C:\program files\pc remote receiver\pcremotereceiver.exe] => (Allow) C:\program files\pc remote receiver\pcremotereceiver.exe
FirewallRules: [UDP Query User{62D23E12-05C2-4F64-BEC9-FE1B007CFBFF}C:\program files\pc remote receiver\pcremotereceiver.exe] => (Allow) C:\program files\pc remote receiver\pcremotereceiver.exe
FirewallRules: [{BE6402FC-BB5A-4034-97BF-0B6DE45D79DD}] => (Allow) C:\Program Files\PC Remote Receiver\PCRemoteReceiver.exe
FirewallRules: [{EA7377AD-7240-42C2-820C-0D9CF461C5F5}] => (Allow) C:\Program Files\PC Remote Receiver\MonectMediaCenter.exe
FirewallRules: [TCP Query User{4E610039-47D4-4B46-BF1D-BBB6C4816A98}C:\@@@flash lg\flash lg\shttps\http.exe] => (Allow) C:\@@@flash lg\flash lg\shttps\http.exe
FirewallRules: [UDP Query User{569C2B59-9789-46DA-BA5F-9D47ABADD387}C:\@@@flash lg\flash lg\shttps\http.exe] => (Allow) C:\@@@flash lg\flash lg\shttps\http.exe
FirewallRules: [{7280A26E-182F-4BA1-8D07-92A06369C176}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{C0AFE950-6D75-4BA7-9E2A-15CB060EC88C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{259C3D7F-7A57-4D21-926D-74989160EB69}] => (Allow) C:\Users\Míša\AppData\Local\IPMsg\ipmsg.exe
FirewallRules: [{91B09CD3-E71C-4153-92E3-BD35C58260EA}] => (Allow) C:\Users\Míša\AppData\Local\IPMsg\ipmsg.exe
FirewallRules: [TCP Query User{69202BBD-57D5-41C7-9827-CCC3EF5EA577}C:\users\míša\appdata\local\ipmsg\ipmsg.exe] => (Block) C:\users\míša\appdata\local\ipmsg\ipmsg.exe
FirewallRules: [UDP Query User{1C1247CB-DF5E-4378-96AB-4C379953763E}C:\users\míša\appdata\local\ipmsg\ipmsg.exe] => (Block) C:\users\míša\appdata\local\ipmsg\ipmsg.exe
FirewallRules: [{BC3D99CE-60D9-4094-92F7-25E286B9F01C}] => (Allow) C:\KMPlayer\KMPlayer.exe
FirewallRules: [{C9376C76-F28B-4751-AE50-B7E981EBBE51}] => (Allow) C:\KMPlayer\KMPlayer.exe
FirewallRules: [{3CCB845A-22D6-47E7-8A48-F578F496E636}] => (Allow) C:\KMPlayer\KMPlayer.exe
FirewallRules: [{7813CB46-892C-43B7-A7DE-4BFFF5DD187E}] => (Allow) C:\KMPlayer\KMPlayer.exe
FirewallRules: [{045597AB-BC31-4086-9738-68901260D04E}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{83704968-63DB-40CE-8F0B-A7FC3F23B59E}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{439CDB3B-FF39-4C6D-80FA-984A47D0705E}] => (Allow) C:\Program Files\Nero\KM\NMDllHost.exe
FirewallRules: [{EA9A4493-5387-4ED7-B908-DE216E428DFD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{BD6977B3-8AEE-4AD6-9F60-04509FD3D833}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{0A30441A-4172-4841-8C65-90E8677BD08D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{3BA9D126-48D5-4572-A87C-81F3ACC480F8}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [TCP Query User{4EDF49FA-23AB-4012-882B-59596695A79F}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{39776C57-FD31-4874-86C5-C9BF5DC9602B}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{FCF3A783-E74D-4AA7-9335-02F9B924CABD}C:\users\mara\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\mara\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{049E07E1-240F-4A40-BF44-12372510FB39}C:\users\mara\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\mara\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{C22C9649-C17A-4162-AF10-823807EF7834}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{15D71E31-A6E6-4244-99C2-6C7FDE3B5BD5}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{403D75C1-D58D-49C8-8B2C-3E3CC13DFFD1}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{7D9D1B90-10B9-4BD5-8068-AC3F123B0A45}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{EFEBFAAB-4089-428D-AF12-6130C47EB7C5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{41605CE4-8395-4E0A-9778-7CCF2128BEAB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{58A0D3F1-4FFA-40CD-8BC1-65386AA614E6}] => (Allow) C:\Users\Mara\AppData\Roaming\DeReporting\DeReporting.exe
FirewallRules: [{0EC133FD-818B-4978-92D2-5153945D45D9}] => (Allow) C:\Users\Mara\AppData\Roaming\DeReporting\DeReporting.exe
FirewallRules: [TCP Query User{D8CF901B-C1A2-4B6B-B36D-52DDCF779BF6}C:\program files\soundwire server\soundwireserver.exe] => (Allow) C:\program files\soundwire server\soundwireserver.exe
FirewallRules: [UDP Query User{50161135-918D-4EE4-9E56-48276BE86527}C:\program files\soundwire server\soundwireserver.exe] => (Allow) C:\program files\soundwire server\soundwireserver.exe
FirewallRules: [{E8A61926-AFFE-46BD-8A80-8CDF4750A170}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: Intel(R) 82566DC – gigabitové síťové připojení
Description: Intel(R) 82566DC – gigabitové síťové připojení
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: e1express
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Myš Microsoft pro port PS/2
Description: Myš Microsoft pro port PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/11/2018 11:46:14 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\program files\MediaTek\sp driver\drv\dpinst64.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/10/2018 02:21:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SoundWireServer.exe, verze: 2.5.0.0, časové razítko: 0x5b14c42b
Název chybujícího modulu: SoundWireServer.exe, verze: 2.5.0.0, časové razítko: 0x5b14c42b
Kód výjimky: 0xc0000005
Posun chyby: 0x00018d4b
ID chybujícího procesu: 0x254c
Čas spuštění chybující aplikace: 0x01d478f0cd2fdc95
Cesta k chybující aplikaci: C:\Program Files\SoundWire Server\SoundWireServer.exe
Cesta k chybujícímu modulu: C:\Program Files\SoundWire Server\SoundWireServer.exe
ID zprávy: 904936ab-e4eb-11e8-817b-c7b24da6bc49

Error: (11/10/2018 01:25:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AudioRelay.exe, verze: 0.4.4.0, časové razítko: 0x5bd62977
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdaae
Kód výjimky: 0xe0434352
Posun chyby: 0x00009617
ID chybujícího procesu: 0xc24
Čas spuštění chybující aplikace: 0x01d478f05b15b61f
Cesta k chybující aplikaci: C:\Program Files\AudioRelay\AudioRelay.exe
Cesta k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll
ID zprávy: a6553560-e4e3-11e8-817b-c7b24da6bc49

Error: (11/10/2018 01:25:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: AudioRelay.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: SimpleInjector.ActivationException
Zásobník:
na SimpleInjector.InstanceProducer.GetInstance()
na SimpleInjector.Container.GetInstanceForRootType[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]()
na SimpleInjector.Container.GetInstance[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]()
na AudioConnect.Program.RunApplication(System.Windows.Application)
na AudioConnect.Program.Main()

Error: (11/10/2018 12:30:52 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\program files\MediaTek\sp driver\drv\dpinst64.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/07/2018 02:28:18 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\program files\MediaTek\sp driver\drv\dpinst64.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/07/2018 12:13:39 AM) (Source: W3SVC-WP) (EventID: 2280) (User: )
Description: Dynamickou knihovnu C:\Windows\System32\inetsrv\cachuri.dll modulu se nepodařilo načíst. Data obsahují chybu.

Error: (11/07/2018 12:13:38 AM) (Source: W3SVC-WP) (EventID: 2280) (User: )
Description: Dynamickou knihovnu C:\Windows\System32\inetsrv\cachuri.dll modulu se nepodařilo načíst. Data obsahují chybu.


System errors:
=============
Error: (11/11/2018 08:38:58 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
Ext2Fsd

Error: (11/11/2018 08:38:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/10/2018 02:52:24 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (11/10/2018 02:25:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
Ext2Fsd

Error: (11/10/2018 02:24:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/10/2018 12:30:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba DU Meter Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/10/2018 12:29:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (11/10/2018 12:27:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MonectServerService byla neočekávaně ukončena. Tento stav nastal již 1krát.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E7200 @ 2.53GHz
Percentage of memory in use: 61%
Total physical RAM: 3069.61 MB
Available physical RAM: 1180.96 MB
Total Virtual: 5067.89 MB
Available Virtual: 2861.13 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:39.28 GB) (Free:2.69 GB) NTFS
Drive z: (Zaloha) (Fixed) (Total:2.14 GB) (Free:0.39 GB) NTFS

\\?\Volume{41c3a6b9-dcce-11e6-a77a-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 74.5 GB) (Disk ID: 1BDD5CA0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=39.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=35.2 GB) - (Type=0F Extended)

==================== End of Addition.txt ============================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15196
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosim o kontrolu..(jestli vycistit nebo reinstall)

#2 Příspěvek od JaRon »

ahoj,
- odinstaluj Advanced SystemCare 11
- vycisti PC s ADWCleanerom
- doinstaluj MSIE11
- doinstaluj nejaky AV a vycisti nim PC
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

hoblik007
Návštěvník
Návštěvník
Příspěvky: 66
Registrován: 21 čer 2005 21:03
Bydliště: Olomouc
Kontaktovat uživatele:

Re: Prosim o kontrolu..(jestli vycistit nebo reinstall)

#3 Příspěvek od hoblik007 »

Vetsi cast mam hotovou,,,ale mam problem v tom,ze nemuzu nainstalovat Service Pack 1.
Tohle je ta hlaska:
Obrázek

Tim padem nenainstaluji ani MSIE11.

Tady jsou logy po odvšivení...

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-11-05.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-13-2018
# Duration: 00:00:06
# OS: Windows 7 Professional
# Cleaned: 58
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files\Common Files\IObit\Advanced SystemCare
Deleted C:\Windows\System32\config\systemprofile\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Windows\System32\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Users\Mara\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\Míša\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\Mara\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Users\Míša\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Windows\Installer\{4D0A0750-B034-4DF8-97DE-26F1212AC2FF}
Deleted C:\Users\Mara\AppData\Roaming\Tencent
Deleted C:\ProgramData\Mail.Ru
Deleted C:\Windows\System32\config\systemprofile\AppData\Local\Mail.Ru
Deleted C:\Program Files\Smart Application Controller
Deleted C:\Users\Mara\AppData\Roaming\Smart Application Controller
Deleted C:\Windows\System32\config\systemprofile\AppData\Roaming\Solvusoft
Deleted C:\NetMon
Deleted C:\Users\Mara\AppData\Local\VirtualStore\Program Files\NetMon

***** [ Files ] *****

Deleted C:\Users\Public\Desktop\ASHAMPOO DEALS.URL
Deleted C:\Users\Mara\Desktop\?????? ? ?????????.url
Deleted C:\Users\Mara\Favorites\Mail.Ru.url
Deleted C:\Users\Mara\Favorites\Mail.Ru ????? - ????????? ??? ???????!.url
Deleted C:\Users\Mara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\ErrorFixKIT

***** [ Registry ] *****

Deleted HKLM\Software\IObit\RealTimeProtector
Deleted HKLM\Software\IObit\Advanced SystemCare
Deleted HKLM\Software\IOBIT\ASC
Deleted HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\Software\ErrorFixKIT
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A45B472D-2204-4D0F-BCBD-67605661C1FF}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ErrorFixKIT
Deleted HKCU\Software\csastats
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\MailRuUpdater
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Advanced SystemCare 11
Deleted HKLM\Software\TWEAKBIT
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|AndroidServer.exe
Deleted HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\browser.exe
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AE298D-7E8A-4F53-BE55-15D2B065F6C0}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E8F97CD-60B5-456F-A201-73065652D099}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E8F97CD-60B5-456F-A201-73065652D099}
Deleted HKCU\Software\AppDataLow\Software\Mail.Ru
Deleted HKU\S-1-5-18\Software\Mail.Ru
Deleted HKCU\Software\Mail.Ru
Deleted HKU\.DEFAULT\Software\Mail.Ru
Deleted HKLM\Software\Mail.Ru
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\ru.mail.go.ext_info_host
Deleted HKCU\Software\Google\Chrome\NativeMessagingHosts\ru.mail.go.ext_info_host
Deleted HKLM\Software\Classes\IESearchPlugin.MailRuBHO
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
Deleted HKLM\SOFTWARE\Classes\Applications\DriverDocSetup.exe

***** [ Chromium (and derivatives) ] *****

Deleted ?????
Deleted ?????
Deleted ???????? ???????? Mail.Ru
Deleted ???????? ???????? Mail.Ru
Deleted ????? Mail.Ru
Deleted ????? Mail.Ru

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6214 octets] - [13/11/2018 09:57:39]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11.11.2018
Ran by Mara (administrator) on MARAHOME (13-11-2018 14:57:06)
Running from C:\Users\Mara\Desktop
Loaded Profiles: Mara (Available Profiles: Mara & Míša)
Platform: Microsoft Windows 7 Professional (X86) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Hagel Technologies Ltd) C:\Program Files\DU Meter\DUMeterSvc.exe
(www.ext2fsd.com) C:\Program Files\Ext2Fsd\Ext2Srv.exe
(Monect) C:\Program Files\PC Remote Receiver\MonectServerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Monect) C:\Program Files\PC Remote Receiver\PCRemoteReceiver.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(Hagel Technologies Ltd) C:\Program Files\DU Meter\DUMeter.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
() C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Desktop.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [3246384 2013-09-19] (O&O Software GmbH)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-22] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\Run: [DU Meter] => C:\Program Files\DU Meter\DUMeter.exe [2645528 2008-06-10] (Hagel Technologies Ltd)
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\MountPoints2: {6bf30111-2a9f-11e7-a2c4-806e6f6e6963} - D:\EVOLVEO.exe
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\MountPoints2: {8348f85e-82c7-11e8-9d8d-97c92c773f2b} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\MountPoints2: {e71d7552-deb2-11e8-bf0c-a174f39db544} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\MountPoints2: {e71d7578-deb2-11e8-bf0c-a174f39db544} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\MountPoints2: {f480d760-3281-11e7-8523-9158a7eba702} - E:\Autorun.exe
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\MountPoints2: {f480d762-3281-11e7-8523-9158a7eba702} - F:\Setup.exe
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [413696 2009-07-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2017-01-17]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
Startup: C:\Users\Míša\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk [2017-05-06]
ShortcutTarget: SpeedFan.lnk -> C:\Program Files\SpeedFan\speedfan.exe ()
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [94208 2006-02-28] (Apple Computer, Inc.)
Hosts: 127.0.0.1 validation.sls.microsoft.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{38F41E72-C37C-4B4E-AF14-F291EC5BB2F9}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{4D46237B-2EEB-41D3-A00A-AB8008D0EBC5}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{98B48FEC-E99C-44B9-A066-1B28DD21AD3F}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{9B929CA0-A7BC-4F07-B05C-0657296A2FE1}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{DCE59FC9-ED8B-4E63-A92C-689ED0552F4A}: [DhcpNameServer] 192.168.42.129
ManualProxies: 0hxxp://no-blocked.org/wpad.dat?b8375e4895b2ea9ef53597e2e827679524530446

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-385729116-3703201098-1527315605-1000 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL =
SearchScopes: HKU\S-1-5-21-385729116-3703201098-1527315605-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-385729116-3703201098-1527315605-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-07-19] (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-03-03] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-03-03] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-385729116-3703201098-1527315605-1000 -> No Name - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - No File

FireFox:
========
FF DefaultProfile: 2xo86nih.default
FF ProfilePath: C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default [2018-11-13]
FF user.js: detected! => C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\user.js [2018-01-31]
FF Homepage: Mozilla\Firefox\Profiles\2xo86nih.default -> hxxps://www.google.com/
FF Extension: (Free Download Manager extension) - C:\Users\Mara\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\fdm_ffext@freedownloadmanager.org [2017-10-09] [Legacy]
FF Extension: (Avast Online Security) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\Extensions\wrc@avast.com.xpi [2018-11-13]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2018-04-15]
FF Extension: (FF Web Defender) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\Extensions\{046258c9-75c5-429d-8d5b-386cfbadc39d}.xpi [2017-12-26]
FF Extension: (YouTube Best Video Downloader 2) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\Extensions\{170503FA-3349-4F17-BC86-001888A5C8E2}.xpi [2018-04-24]
FF Extension: (Adobe Shockwave Flash Player) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\Extensions\{42baa93e-0cff-4289-b79e-6ae88df668c4}.xpi [2018-03-03]
FF Extension: (Download YouTube Videos as MP4) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2017-03-14] [Legacy]
FF Extension: (Telemetry coverage) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\features\{c2d23ce4-f914-4bd0-98be-a969c5ca19be}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-23] [Legacy]
FF SearchPlugin: C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\searchplugins\google-avast.xml [2017-02-15]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-22] ()
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-03-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-03-03] (Oracle Corporation)
FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BrowserPlugin\npBrowserPlugin.dll [2015-04-10] (Nero AG)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://mail.ru/cnt/10445?gp=811600
CHR StartupUrls: Default -> "hxxp://mail.ru/cnt/10445?gp=811600"
CHR Profile: C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default [2018-11-13]
CHR Extension: (Prezentace) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-13]
CHR Extension: (Dokumenty) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-13]
CHR Extension: (Disk Google) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-03]
CHR Extension: (YouTube) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-03]
CHR Extension: (Tabulky) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-05]
CHR Extension: (Gmail) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-03]
CHR Extension: (Chrome Media Router) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-01]
CHR HKLM\...\Chrome\Extension: [bhjhnafpiilpffhglajcaepjbnbjemci] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [dijfnbhlogmffhgpelodglnnkncadnbi] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [hcadgijmedbfgciegjomfpjcdchlhnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-385729116-3703201098-1527315605-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6800144 2018-10-22] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-22] (AVAST Software)
S4 DbxSvc; C:\Windows\system32\DbxSvc.exe [40264 2017-01-21] (Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1142464 2017-02-07] (Disc Soft Ltd)
R2 DUMeterSvc; C:\Program Files\DU Meter\DUMeterSvc.exe [1386008 2008-06-10] (Hagel Technologies Ltd) [File not signed]
R2 Ext2Srv; C:\Program Files\Ext2Fsd\Ext2Srv.exe [34816 2016-07-09] (www.ext2fsd.com)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2017-03-11] (Macrovision Europe Ltd.) [File not signed]
S4 IObitUnSvr; C:\Program Files\IObit\IObit Uninstaller\IUService.exe [153360 2018-09-25] (IObit)
R4 MonectServerService; C:\Program Files\PC Remote Receiver\MonectServerService.exe [110592 2018-03-05] (Monect) [File not signed]
R4 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [805752 2017-06-02] (Nero AG)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [468840 2018-01-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [468840 2018-01-10] (NVIDIA Corporation)
R4 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1377072 2013-09-19] (O&O Software GmbH)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
S4 WsAppService; C:\Program Files\Wondershare\WAF\2.4.2.222\WsAppService.exe [474768 2017-03-01] (Wondershare)
S4 WsDrvInst; C:\Program Files\Wondershare\MirrorGo\DriverInstall.exe [111328 2017-05-05] (Wondershare)
S2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]
S4 Hamachi2Svc; "C:\Program Files\LogMeIn Hamachi\hamachi-2.exe" -s [X]
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [32768 2016-09-01] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2012-07-03] (LG Electronics Inc.)
R3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [32896 2011-11-28] (AnvSoft Inc.) [File not signed]
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167648 2018-10-22] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [188952 2018-10-22] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [165552 2018-10-22] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [284424 2018-10-22] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [58072 2018-10-22] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [139008 2018-10-22] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42912 2018-10-22] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40864 2018-10-22] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [135368 2018-10-22] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [101152 2018-10-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72968 2018-10-22] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784728 2018-10-22] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [397136 2018-10-22] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [157112 2018-10-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310880 2018-10-22] (AVAST Software)
R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1570304 2014-05-23] (Atheros Communications, Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [107648 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2017-05-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2017-05-06] (Disc Soft Ltd)
R1 Ext2fs; C:\Windows\System32\DRIVERS\ext2fs.sys [266800 2015-12-26] (Stephan Schreiber)
S0 Ext2Fsd; C:\Windows\system32\Drivers\Ext2Fsd.sys [710912 2016-07-09] (www.ext2fsd.com)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [File not signed]
R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [27040 2017-03-02] (LogMeIn, Inc.)
S3 HTCAND32; C:\Windows\System32\Drivers\ANDROIDUSB.sys [24576 2009-02-02] (HTC1124 Inc) [File not signed]
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2018-01-31] (REALiX(tm))
R0 IfsMount; C:\Windows\System32\DRIVERS\ifsmount.sys [59952 2015-12-23] (Stephan Schreiber)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [145664 2018-08-25] (ITE )
R3 IUProcessFilter; C:\Program Files\IObit\IObit Uninstaller\drivers\win7_x86\IUProcessFilter.sys [17264 2018-10-16] (IObit)
R3 IURegistryFilter; C:\Program Files\IObit\IObit Uninstaller\drivers\win7_x86\IURegistryFilter.sys [23440 2018-10-16] (IObit)
S3 mirrorv3; C:\Windows\System32\DRIVERS\rminiv3.sys [3328 2012-12-18] (Famatech International Corp.) [File not signed]
R3 monectdevices; C:\Windows\System32\DRIVERS\monectdevices.sys [14104 2013-12-03] ()
R3 MonitorFunction; C:\Windows\System32\DRIVERS\TVMonitor.sys [14848 2018-02-20] (TeamViewer GmbH)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29544 2018-01-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [53616 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [52072 2018-01-10] (NVIDIA Corporation)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [618112 2008-02-13] (PixArt Imaging Inc.) [File not signed]
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [17160 2015-03-05] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13064 2015-03-05] ()
S3 snpstd2; C:\Windows\System32\DRIVERS\snpstd2.sys [354688 2008-04-30] () [File not signed]
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [23040 2016-04-21] (The OpenVPN Project) [File not signed]
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13184 2016-02-18] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [20864 2012-03-02] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [25216 2012-03-02] (LG Electronics Inc.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [15872 2009-07-14] (Microsoft Corporation)
S3 VIA_USB_ETS_SS; C:\Windows\System32\DRIVERS\VIA_USB_ETS_SS.sys [18560 2012-04-17] (Via Telecom, Inc.) [File not signed]
S3 vncmirror; C:\Windows\System32\DRIVERS\vncmirror.sys [4608 2016-06-06] (RealVNC Ltd.) [File not signed]
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [119952 2016-07-16] (MBB)
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x32.sys [X]
S3 MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [X]
S3 ssudmdm; system32\DRIVERS\ssudmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-13 13:24 - 2015-02-18 08:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2018-11-13 12:17 - 2018-11-13 13:14 - 029884416 _____ C:\Windows\system32\config\systme
2018-11-13 12:02 - 2018-11-13 11:57 - 000000221 _____ C:\w7a.bat
2018-11-13 11:48 - 2018-11-13 11:48 - 000000000 ____D C:\60aca25357cee1add1
2018-11-13 10:37 - 2018-11-13 10:37 - 000000000 ___HD C:\$AV_ASW
2018-11-13 10:35 - 2018-11-13 10:35 - 000002075 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-11-13 10:35 - 2018-11-13 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2018-11-13 10:33 - 2018-10-22 15:18 - 000397136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-11-13 10:33 - 2018-10-22 15:18 - 000323288 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-11-13 10:33 - 2018-10-22 15:18 - 000310880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-11-13 10:33 - 2018-10-22 15:18 - 000167648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-11-13 10:33 - 2018-10-22 15:18 - 000157112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-11-13 10:33 - 2018-10-22 15:18 - 000135368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-11-13 10:33 - 2018-10-22 15:18 - 000101152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-11-13 10:33 - 2018-10-22 15:18 - 000072968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-11-13 10:33 - 2018-10-22 15:18 - 000042912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-11-13 10:33 - 2018-10-22 15:18 - 000040864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2018-11-13 10:33 - 2018-10-22 15:17 - 000784728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-11-13 10:33 - 2018-10-22 15:17 - 000284424 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblogx.sys
2018-11-13 10:33 - 2018-10-22 15:17 - 000188952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2018-11-13 10:33 - 2018-10-22 15:17 - 000165552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidshx.sys
2018-11-13 10:33 - 2018-10-22 15:17 - 000139008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-11-13 10:33 - 2018-10-22 15:17 - 000058072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbunivx.sys
2018-11-13 04:45 - 2018-11-13 12:59 - 000000000 ___RD C:\Users\Mara\DriveWinDisk
2018-11-13 04:13 - 2018-11-13 05:17 - 000000000 ____D C:\Users\Mara\AppData\Local\PasswordSafe
2018-11-13 04:13 - 2018-11-13 04:47 - 000000000 ____D C:\Users\Mara\Documents\My Safes
2018-11-13 04:12 - 2018-11-13 04:12 - 000000992 _____ C:\Users\Mara\Desktop\Password Safe.lnk
2018-11-13 04:12 - 2018-11-13 04:12 - 000000000 ____D C:\Users\Mara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Password Safe
2018-11-13 04:12 - 2018-11-13 04:12 - 000000000 ____D C:\Program Files\Password Safe
2018-11-13 03:54 - 2018-11-13 14:57 - 000021896 _____ C:\Users\Mara\Desktop\FRST.txt
2018-11-13 03:54 - 2018-11-13 14:57 - 000000000 ____D C:\FRST
2018-11-13 03:54 - 2018-11-13 14:47 - 000045617 _____ C:\Users\Mara\Desktop\Addition.txt
2018-11-13 03:53 - 2018-11-13 03:52 - 001775616 _____ (Farbar) C:\Users\Mara\Desktop\FRST.exe
2018-11-10 14:18 - 2018-11-10 14:16 - 073944455 _____ C:\Users\Mara\Documents\SoundWireServer.DMP
2018-11-10 13:24 - 2018-11-10 13:24 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioRelay.lnk
2018-11-10 13:24 - 2018-11-10 13:24 - 000000000 ____D C:\Program Files\AudioRelay
2018-11-10 07:03 - 2018-11-10 07:03 - 000001070 _____ C:\Users\Public\Desktop\SoundWire Server.lnk
2018-11-10 07:03 - 2018-11-10 07:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundWire Server
2018-11-10 07:03 - 2018-11-10 07:03 - 000000000 ____D C:\Program Files\SoundWire Server
2018-11-10 06:36 - 2018-11-10 07:01 - 000004959 _____ C:\Users\Mara\AppData\Roaming\wifi_speakers.dat
2018-11-10 05:00 - 2018-11-13 10:37 - 000000000 ____D C:\Users\Mara\AppData\Roaming\DeReporting
2018-11-10 02:46 - 2018-02-20 11:11 - 000014848 _____ (TeamViewer GmbH) C:\Windows\system32\Drivers\TVMonitor.sys
2018-11-10 01:32 - 2018-11-10 01:36 - 000000000 ____D C:\Users\Mara\AppData\Local\TeamViewer
2018-11-10 01:29 - 2018-11-13 13:16 - 000000000 ____D C:\Program Files\TeamViewer
2018-11-10 01:29 - 2018-11-13 09:44 - 000000000 ____D C:\Users\Mara\AppData\Roaming\TeamViewer
2018-11-10 01:29 - 2018-11-10 01:29 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
2018-11-10 01:29 - 2018-11-10 01:29 - 000000993 _____ C:\Users\Public\Desktop\TeamViewer 13.lnk
2018-11-10 01:20 - 2018-11-10 01:20 - 000000000 ____D C:\Users\Mara\Downloads\Chrome
2018-11-09 23:44 - 2018-11-09 23:47 - 000001257 _____ C:\Users\Mara\Desktop\Ribbons.lnk
2018-11-06 12:44 - 2018-11-06 12:45 - 000000097 _____ C:\aa.txt
2018-11-01 04:54 - 2018-11-01 04:54 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DU Meter
2018-11-01 04:54 - 2018-11-01 04:54 - 000000000 ____D C:\ProgramData\Hagel Technologies
2018-11-01 04:54 - 2018-11-01 04:54 - 000000000 ____D C:\Program Files\DU Meter
2018-11-01 04:43 - 2018-11-01 04:44 - 000000000 ____D C:\Users\Mara\AppData\Roaming\uTorrent
2018-11-01 04:43 - 2018-11-01 04:43 - 000000947 _____ C:\Users\Mara\Desktop\µTorrent.lnk
2018-11-01 04:43 - 2018-11-01 04:43 - 000000000 ____D C:\Users\Mara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2018-11-01 04:18 - 2018-11-01 04:18 - 000000060 _____ C:\Windows\Wininit.ini
2018-10-31 20:39 - 2018-10-31 20:39 - 000000000 ____D C:\Users\Mara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaProducts Net Activity Diagram
2018-10-31 20:39 - 2018-10-31 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaProducts Net Activity Diagram
2018-10-29 20:25 - 2016-07-22 08:21 - 001121040 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2018-10-29 20:25 - 2016-07-22 08:21 - 000589944 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2018-10-29 20:25 - 2016-07-22 08:21 - 000107648 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys
2018-10-29 09:33 - 2018-10-29 09:33 - 000000000 ____D C:\Users\Mara\Documents\Smartisan
2018-10-29 08:09 - 2018-10-29 09:24 - 000000000 ____D C:\Users\Mara\AppData\Local\{003ACA6A-C058-424D-B955-A82DE5375C64}
2018-10-29 07:52 - 2018-11-07 01:37 - 000000000 ____D C:\Program Files\HandShaker
2018-10-27 22:48 - 2018-10-27 22:48 - 000002105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2018-10-27 22:48 - 2018-10-27 22:48 - 000002093 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2018-10-27 22:48 - 2018-10-27 22:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2018-10-22 15:18 - 2018-10-22 15:18 - 000040864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswa73dbf66c3c87bb5.tmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-13 14:48 - 2009-07-14 05:34 - 000006080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-13 14:48 - 2009-07-14 05:34 - 000006080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-13 14:11 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\inetsrv
2018-11-13 13:24 - 2018-09-21 20:52 - 000000000 ____D C:\Users\Mara\Downloads\Nové
2018-11-13 13:19 - 2017-01-17 18:20 - 000000000 ____D C:\Users\Mara\AppData\LocalLow\Mozilla
2018-11-13 13:18 - 2017-01-19 17:55 - 000000000 ____D C:\ProgramData\NVIDIA
2018-11-13 13:16 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-13 12:39 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\NDF
2018-11-13 12:29 - 2018-03-03 14:12 - 000000000 ____D C:\Users\Mara\AppData\Local\CrashDumps
2018-11-13 12:28 - 2018-07-31 18:42 - 000000000 ____D C:\Users\Mara\AppData\Local\AVAST Software
2018-11-13 10:03 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2018-11-13 10:00 - 2018-03-05 13:17 - 000000000 ____D C:\Users\Míša\AppData\Roaming\IObit
2018-11-13 10:00 - 2018-03-05 13:17 - 000000000 ____D C:\Users\Míša\AppData\LocalLow\IObit
2018-11-13 10:00 - 2018-01-31 10:32 - 000000000 ____D C:\Users\Mara\AppData\LocalLow\IObit
2018-11-13 10:00 - 2018-01-31 10:32 - 000000000 ____D C:\Program Files\Common Files\IObit
2018-11-13 09:57 - 2017-02-21 19:19 - 000000000 ____D C:\AdwCleaner
2018-11-13 09:40 - 2017-05-07 04:01 - 000000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-11-13 09:39 - 2017-05-07 04:01 - 000000000 ____D C:\Program Files\CCleaner
2018-11-13 09:39 - 2017-01-18 07:20 - 000000000 ____D C:\Install
2018-11-13 09:26 - 2018-01-31 10:31 - 000000000 ____D C:\Program Files\IObit
2018-11-13 04:49 - 2017-01-20 08:22 - 000000000 ___RD C:\Users\Mara\Disk Google
2018-11-13 04:46 - 2017-01-20 08:23 - 000001708 _____ C:\Users\Mara\Desktop\Disk Google.lnk
2018-11-13 04:45 - 2017-01-17 18:09 - 000000000 ____D C:\Users\Mara
2018-11-13 01:54 - 2017-01-18 07:11 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-13 01:54 - 2017-01-18 07:11 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-11-11 20:49 - 2018-09-02 00:12 - 000000000 ____D C:\Filmy
2018-11-11 20:43 - 2017-01-19 17:24 - 000000000 ____D C:\Users\Mara\AppData\Local\Deployment
2018-11-11 13:30 - 2017-05-06 20:35 - 000000000 ____D C:\Program Files\SpeedFan
2018-11-10 14:14 - 2017-05-13 23:05 - 000007649 _____ C:\Users\Mara\AppData\Local\Resmon.ResmonCfg
2018-11-10 14:12 - 2017-02-19 02:27 - 000000000 ____D C:\KMPlayer
2018-11-10 13:24 - 2017-03-08 00:44 - 000000000 ____D C:\ProgramData\Package Cache
2018-11-10 06:35 - 2017-01-18 07:02 - 000063568 _____ C:\Users\Mara\AppData\Local\GDIPFONTCACHEV1.DAT
2018-11-10 03:41 - 2017-03-07 23:48 - 000000000 ____D C:\Program Files\LogMeIn Hamachi
2018-11-10 02:32 - 2017-03-07 23:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2018-11-10 02:08 - 2018-01-31 10:32 - 000000000 ____D C:\ProgramData\ProductData
2018-11-10 02:08 - 2017-01-17 18:15 - 001658672 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-10 02:08 - 2009-07-14 09:44 - 000698450 _____ C:\Windows\system32\perfh005.dat
2018-11-10 02:08 - 2009-07-14 09:44 - 000150272 _____ C:\Windows\system32\perfc005.dat
2018-11-10 02:02 - 2009-07-14 05:33 - 001634280 _____ C:\Windows\system32\FNTCACHE.DAT
2018-11-05 12:50 - 2018-10-13 09:22 - 000000000 ___HD C:\Users\Mara\Downloads\.tmp.drivedownload
2018-11-05 12:08 - 2018-01-31 10:31 - 000000000 ____D C:\ProgramData\IObit
2018-11-01 04:54 - 2009-07-14 05:52 - 000000000 ____D C:\Program Files\Windows Sidebar
2018-10-31 20:50 - 2018-10-13 09:32 - 000000000 ___HD C:\Users\Mara\Desktop\.tmp.drivedownload
2018-10-31 19:44 - 2018-10-13 08:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-10-31 19:44 - 2017-01-20 08:19 - 000002006 _____ C:\Users\Public\Desktop\Google Slides.lnk
2018-10-31 19:44 - 2017-01-20 08:19 - 000002004 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2018-10-31 19:44 - 2017-01-20 08:19 - 000001994 _____ C:\Users\Public\Desktop\Google Docs.lnk
2018-10-29 17:42 - 2017-08-07 16:31 - 000000000 ____D C:\Program Files\DIFX
2018-10-29 08:46 - 2017-01-19 09:27 - 000000000 ____D C:\Windows\system32\MRT
2018-10-29 08:38 - 2017-01-19 09:27 - 133674168 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-10-25 21:57 - 2017-02-02 17:01 - 000000000 ___SD C:\Users\Mara\AppData\LocalLow\Temp
2018-10-23 13:46 - 2017-03-03 09:01 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2018-10-22 15:31 - 2017-01-21 07:26 - 000000000 ____D C:\Users\Mara\AppData\Local\Adobe
2018-10-22 15:25 - 2017-01-21 07:27 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2018-10-22 15:25 - 2017-01-21 07:27 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2018-10-22 15:25 - 2017-01-21 07:27 - 000000000 ____D C:\Windows\system32\Macromed
2018-10-22 15:20 - 2017-03-03 09:02 - 000000000 ____D C:\Users\Mara\AppData\Roaming\Mozilla
2018-10-22 15:20 - 2017-03-03 09:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-10-22 15:18 - 2017-11-17 22:35 - 000397136 _____ (AVAST Software) C:\Windows\system32\Drivers\asw8b8f43e07af0892e.tmp
2018-10-22 15:18 - 2017-11-17 22:35 - 000310880 _____ (AVAST Software) C:\Windows\system32\Drivers\asw ec990e614644d65.tmp
2018-10-22 15:18 - 2017-11-17 22:35 - 000167648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswf854c82e47f3d3f2.tmp
2018-10-22 15:18 - 2017-11-17 22:35 - 000157112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswcdfb3cd8fc0e0a2e.tmp
2018-10-22 15:18 - 2017-11-17 22:35 - 000135368 _____ (AVAST Software) C:\Windows\system32\Drivers\asw5f63604a8b178ce5.tmp
2018-10-22 15:18 - 2017-11-17 22:35 - 000101152 _____ (AVAST Software) C:\Windows\system32\Drivers\asw11507f0bfc2c4062.tmp
2018-10-22 15:18 - 2017-11-17 22:35 - 000072968 _____ (AVAST Software) C:\Windows\system32\Drivers\asw71e551631202ad61.tmp
2018-10-22 15:18 - 2017-11-17 22:35 - 000042912 _____ (AVAST Software) C:\Windows\system32\Drivers\asw 22df3105cdb5a6c.tmp
2018-10-22 15:17 - 2017-12-24 10:04 - 000139008 _____ (AVAST Software) C:\Windows\system32\Drivers\asw1b5ef4eb81580914.tmp
2018-10-22 15:17 - 2017-11-17 22:35 - 000784728 _____ (AVAST Software) C:\Windows\system32\Drivers\asw4beda3425c002a0c.tmp
2018-10-22 15:17 - 2017-11-17 22:35 - 000284424 _____ (AVAST Software) C:\Windows\system32\Drivers\asw19a4eb8483f5abb5.tmp
2018-10-22 15:17 - 2017-11-17 22:35 - 000188952 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3200c309ec33e2a8.tmp
2018-10-22 15:17 - 2017-11-17 22:35 - 000165552 _____ (AVAST Software) C:\Windows\system32\Drivers\asw4fda499ecc7c1787.tmp
2018-10-22 15:17 - 2017-11-17 22:35 - 000058072 _____ (AVAST Software) C:\Windows\system32\Drivers\asw5fa794c4301515ae.tmp
2018-10-21 11:31 - 2017-01-17 18:33 - 000000452 __RSH C:\ProgramData\ntuser.pol
2018-10-20 13:11 - 2017-03-11 10:36 - 000000000 ____D C:\Program Files\Bonjour

==================== Files in the root of some directories =======

2018-10-13 08:40 - 2018-10-13 09:01 - 007649280 _____ () C:\Program Files\GUT8005.tmp
2018-11-10 06:36 - 2018-11-10 07:01 - 000004959 _____ () C:\Users\Mara\AppData\Roaming\wifi_speakers.dat
2017-05-13 23:05 - 2018-11-10 14:14 - 000007649 _____ () C:\Users\Mara\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2018-10-15 06:27 - 2018-11-11 13:30 - 000192512 ____N () C:\Users\Mara\AppData\Local\Temp\sfamcc00001.dll
2018-11-11 13:30 - 2018-11-11 13:30 - 000158720 ____N () C:\Users\Mara\AppData\Local\Temp\sfareca00001.dll
2018-09-02 00:31 - 2018-09-20 17:48 - 000192512 _____ () C:\Users\Míša\AppData\Local\Temp\sfamcc00001.dll
2018-09-17 18:29 - 2018-09-17 18:29 - 000192512 _____ () C:\Users\Míša\AppData\Local\Temp\sfamcc00002.dll
2018-09-20 17:48 - 2018-09-20 17:48 - 000158720 _____ () C:\Users\Míša\AppData\Local\Temp\sfareca00001.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2009-07-14 00:24] - [2009-07-14 02:16] - 000811520 _____ (Microsoft Corporation) 8626F0C30D4E3564FFDD25C90F4426F1

C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-04 12:34

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11.11.2018
Ran by Mara (13-11-2018 14:57:40)
Running from C:\Users\Mara\Desktop
Microsoft Windows 7 Professional (X86) (2017-01-17 17:08:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-385729116-3703201098-1527315605-500 - Administrator - Disabled)
Guest (S-1-5-21-385729116-3703201098-1527315605-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-385729116-3703201098-1527315605-1006 - Limited - Enabled)
Mara (S-1-5-21-385729116-3703201098-1527315605-1000 - Administrator - Enabled) => C:\Users\Mara
Míša (S-1-5-21-385729116-3703201098-1527315605-1004 - Administrator - Enabled) => C:\Users\Míša

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 30 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM\...\Adobe_4977c84bcdc298c444ccfbdcccb660d) (Version: 10.0 - Adobe Systems Incorporated)
Advanced IP Scanner 2.5 (HKLM\...\{6ABB4DB7-5E8F-4F7A-AAF2-C7B4337B7161}) (Version: 2.5.3233 - Famatech)
Advanced Port Scanner 2.4 (HKLM\...\{10F177CF-543F-4BC2-A297-DBF73709D3C5}) (Version: 2.4.2750 - Famatech)
Aktualizace NVIDIA 31.0.11.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.11.0 - NVIDIA Corporation) Hidden
AMP WinOFF 5.0.1 (HKLM\...\AMP WinOFF) (Version: 5.0.1 - Alberto Martinez Perez)
Any Video Converter Ultimate 6.1.2 (HKLM\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio FREE (HKLM\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Audio MP3 Editor 5.80 (HKLM\...\Audio MP3 Editor_is1) (Version: - audio2x.com)
AudioRelay version 0.4.4 (HKLM\...\{86705A3A-8AAB-4C7C-B311-A0426548373F}_is1) (Version: 0.4.4 - azEfsw)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software)
Backup and Sync from Google (HKLM\...\{36F77FB6-DB7A-4293-ADF6-D8B081F27DD6}) (Version: 3.43.1584.4446 - Google, Inc.)
Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Balíček ovladače systému Windows - MediaTek Inc. (usbser) Ports (01/05/2012 2.0000.0.1) (HKLM\...\49D9ABA9270C5BDFD7AE1BEB607D36B26BB90235) (Version: 01/05/2012 2.0000.0.1 - MediaTek Inc.)
Balíček ovladače systému Windows - MediaTek Inc. (usbser) Ports (12/24/2011 2.0000.0.0) (HKLM\...\D0E6296D177F42BB31C0200E49412003DB6C4633) (Version: 12/24/2011 2.0000.0.0 - MediaTek Inc.)
Balíček ovladače systému Windows - MediaTek Inc. Net (07/14/2011 1.1129.00) (HKLM\...\8BC3CF920AF63C7AEF78B82D1C60D94704FB95CD) (Version: 07/14/2011 1.1129.00 - MediaTek Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.49 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
DeReporting (HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\DeReporting) (Version: 1.0 - DeReporting)
DU Meter (HKLM\...\DUMeter3_is1) (Version: 4.01 Build R3076 - Hagel Technologies Ltd)
DVD to ISO (HKLM\...\{646E7341-F4F6-46E1-A6AE-2A91FED3F0E8}_is1) (Version: - dvdtoiso.com)
Ext2 IFS 1.12 for Windows 7/Server 2008 R2 (HKLM\...\Ext2Ifs_for_NT601) (Version: - )
Ext2Fsd 0.68 (HKLM\...\Ext2Fsd_is1) (Version: 0.68 - Matt Wu)
Google Earth Pro (HKLM\...\{BF354C72-AC4C-4A87-8D42-B089862BAE58}) (Version: 7.3.2.5491 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
IObit Uninstaller 8 (HKLM\...\IObitUninstall) (Version: 8.1.0.13 - IObit)
Java 8 Update 161 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 4.1.5.8 - PandoraTV)
Lelohase version 5.0 (HKLM\...\Lelohase_is1) (Version: 5.0 - )
LG Flash (HKLM\...\{85173EC7-6F7F-4E6F-92BB-F8A14DC7A38C}) (Version: 2.0.1.6 - LG) Hidden
LG Flash (HKLM\...\LG Flash 2.0.1.6) (Version: 2.0.1.6 - LG)
LG Mobile Driver (HKLM\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.2.0 - LG Electronics)
LG United Mobile Driver (HKLM\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.8.1 - LG Electronics)
LG USB WML Modem Driver (HKLM\...\{FBA0CA60-8BF2-4381-B819-74F020E165A9}) (Version: 1.0 - LG Electronics)
LGFlashTool 1.8.1.1023 (HKLM\...\LGFlashTool) (Version: 1.8.1.1023 - LGE)
LGUP 8994 DLL (HKLM\...\{4504D6ED-2584-4CCA-9B24-3B09277473DF}) (Version: 0.0.3.23 - LG Electronics)
LogMeIn Hamachi (HKLM\...\{91B5DF26-717A-4A5F-AB10-CD450FAD428C}) (Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
MediaTek Driver Packages version 5.14.53.00 (HKLM\...\MediaTek Driver Packages_is1) (Version: 5.14.53.00 - MediaTek.Inc.)
MediaTek SP Driver version 5.16.32.04 (HKLM\...\MediaTek SP Driver_is1) (Version: 5.16.32.04 - MediaTek.Inc.)
Microsoft .NET Core 2.1.5 - Windows Server Hosting (HKLM\...\{a8c51303-1ef5-45a9-a888-ca9ef21982a9}) (Version: 2.1.13320.0 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Research Mesh Virtual WIFI (HKLM\...\{034A32D5-699E-4AED-A2EB-2CCB6E7F37F1}) (Version: 1.0.000 - Microsoft Research)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
MiniTool Partition Wizard Professional Edition 9.1 (HKLM\...\{2991A446-D356-44EC-930A-42E8B02A67C0}_is1) (Version: - MiniTool Solution Ltd.)
MozBackup 1.5.1 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 62.0.3 (x86 cs) (HKLM\...\Mozilla Firefox 62.0.3 (x86 cs)) (Version: 62.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.3.6848 - Mozilla)
Mp3 Audio Editor (HKLM\...\Mp3 Audio Editor) (Version: - Mp3AudioEditor Inc.)
MP3 Normalizer (HKLM\...\MP3 Normalizer) (Version: 1.02 - mp3-soft.com)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Need for Speed Underground 2 (HKLM\...\Need for Speed Underground 2) (Version: - )
Need for Speed™ Most Wanted (HKLM\...\{ADE91A13-434D-4229-00BC-182BAD607303}) (Version: - )
Nero Info (HKLM\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
Nero MediaHome Free (HKLM\...\{4C4E731B-FFBC-4CD4-967E-B468E61C89F4}) (Version: 16.0.03300 - Nero AG)
NirSoft NK2Edit (HKLM\...\NirSoft NK2Edit) (Version: - )
NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 309.08 - NVIDIA Corporation)
O&O Defrag Professional (HKLM\...\{41DB3D33-D655-40BB-8BF3-824768DD6170}) (Version: 17.0.420 - O&O Software GmbH)
OpenOffice 4.1.3 (HKLM\...\{7308600A-5231-459C-A3E2-A637F842CACA}) (Version: 4.13.9783 - Apache Software Foundation)
Ovládací panel NVIDIA 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 309.08 - NVIDIA Corporation) Hidden
Password Safe (32-bit) (HKLM\...\Password Safe) (Version: 3.47.2 - Rony Shapiro)
PC Remote Receiver 5.8.0 (HKLM\...\PC Remote Receiver) (Version: 5.8.0 - monect.com)
PDF Settings (HKLM\...\{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Prerequisite installer (HKLM\...\{799AFA36-4EA5-4323-8689-74C06645A26B}) (Version: 16.0.0004 - Nero AG) Hidden
Samsung Kies (HKLM\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
SDÍLEJ.CZ Manager (HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\69f070f18ade444c) (Version: 0.0.1.42 - SDÍLEJ.CZ)
SoundWire Server version 2.5 (HKLM\...\{E15658BC-7742-4397-999F-98B1BD11B784}_is1) (Version: 2.5 - GeorgieLabs)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
TeamViewer 13 (HKLM\...\TeamViewer) (Version: 13.2.26558 - TeamViewer)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 9.0a - Ghisler Software GmbH)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
USB PC Camera (SN9C103) (HKLM\...\{EADAA6F7-991F-4CE9-B5CE-FCF3D81F7C7D}) (Version: 4.18.0.000 - Sonix)
USB Serial Port Driver (x86) (HKLM\...\{18800668-6583-4E75-ACDB-583DBB9E5F08}) (Version: 2013.30.0.313 - Nokia)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (05/11/2014 4.1.0000.00000) (HKLM\...\87222192CAFC6995E0CFC9B7690CF03A8B411292) (Version: 05/11/2014 4.1.0000.00000 - Google, Inc.)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/11/2009 2.0.0010.00002) (HKLM\...\256CD808BFEEBAFFBD9071CA2C9D2D633E524FC9) (Version: 08/11/2009 2.0.0010.00002 - Google, Inc.)
Windows Driver Package - Qualcomm (qcusbnet) Net (07/29/2011 1.0.6.5) (HKLM\...\2F53F0A0FCEDAFD3CCCB1439CAAE0738B4BAFBFB) (Version: 07/29/2011 1.0.6.5 - Qualcomm)
Windows Driver Package - Qualcomm Incorporated (qcusbser) Modem (07/29/2011 2.0.8.7) (HKLM\...\6BF6A4AE61C76DD6CBA31ACB5852032BA320D4E4) (Version: 07/29/2011 2.0.8.7 - Qualcomm Incorporated)
Windows Driver Package - Qualcomm Incorporated (qcusbser) Ports (07/29/2011 2.0.8.7) (HKLM\...\B041351E684D13DF6500880671EDDA42E3285328) (Version: 07/29/2011 2.0.8.7 - Qualcomm Incorporated)
WinRAR 5.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Wondershare MirrorGo(Version 1.9.0) (HKLM\...\{EE843B49-D9BC-4A9E-A8A7-B9F14C0381C7}_is1) (Version: 1.9.0 - Wondershare)
Zoner Photo Studio 15 (HKLM\...\ZonerPhotoStudio15_CZ_is1) (Version: 15.0.1.5 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-385729116-3703201098-1527315605-1000_Classes\CLSID\{DB450005-9764-11D6-819E-005056C00008}\localserver32 -> C:\Users\Mara\AppData\Local\Temp\is-E9Q19.tmp\DUMeter-Install.tmp => No File
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-10-22] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-10-22] (AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-10-04] (Google)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit)
ContextMenuHandlers1: [OODefrag] -> [CC]{48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers2: [OODefrag] -> [CC]{48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-10-22] (AVAST Software)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-10-04] (Google)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-01-31] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-10-22] (AVAST Software)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit)
ContextMenuHandlers6: [OODefrag] -> [CC]{48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => -> No File
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1_S-1-5-21-385729116-3703201098-1527315605-1000: [DropboxExt] -> [CC]{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => -> No File
ContextMenuHandlers5_S-1-5-21-385729116-3703201098-1527315605-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01EB063A-19F8-428C-A4C1-F90E18B538E0} - \httpnewsfor24smocomhotsmartsm -> No File <==== ATTENTION
Task: {03BA30EB-6AB5-4044-8186-7400D2F98AAE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-06] (Piriform Ltd)
Task: {06983716-7001-47A6-8ED1-D86F4D4F5188} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-10-22] (AVAST Software)
Task: {075351FB-2F9E-4784-B0EE-60FC31CD5AEC} - \{3FC65EF9-9158-4A54-91BF-7C9DE9B8618F} -> No File <==== ATTENTION
Task: {11B03A02-28EA-49B7-9554-8B17DF022532} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-10] (NVIDIA Corporation)
Task: {1B7871FF-5887-4025-9779-DFFC1A5849C8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-10-31] (AVAST Software)
Task: {380AE368-69A2-4EE6-A310-B77040305A99} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-01-10] (NVIDIA Corporation)
Task: {41E3D6C4-3D9B-4CFF-9302-38604E4198E1} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [2018-10-22] (Adobe Systems Incorporated)
Task: {4A89C20B-93E7-4A1D-A25C-357EEDCD6C9E} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation)
Task: {4FE1784D-91CE-4BDE-B6E3-29CE7ED41083} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-01-10] (NVIDIA Corporation)
Task: {5633A4B0-58B8-41DB-87E5-21691F7E37E9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-01-18] (Google Inc.)
Task: {61A25131-BC2F-4336-96C4-1B28E76F818E} - \{BB9D3ED9-7B80-4B5E-8736-BB7F43F74B5E} -> No File <==== ATTENTION
Task: {7C7F4BF1-8EE6-49AF-B365-686865ED4473} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
Task: {7D4677BD-98AD-400B-895B-B831076DFFE1} - System32\Tasks\{AA7C8680-1EE5-42AF-B7E7-760DC7128344} => C:\Windows\system32\pcalua.exe -a "C:\PROGRAM FILES\CONMET\ConMet.exe" -c /uninstall
Task: {B0131950-11EE-4940-98FE-7E50C92DA70F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {B10DB050-4E83-472D-8029-AF978D79B2F1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-01-10] (NVIDIA Corporation)
Task: {B55D2426-0CC9-4B12-81D2-8D505ED17B9D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-06] (Piriform Software Ltd)
Task: {C2CC99F0-94E2-449B-998C-00F9FDFC34E3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [2018-01-10] (NVIDIA Corporation)
Task: {C5EBE1B5-9099-4A0A-A716-527028F2EBFD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-22] (Adobe Systems Incorporated)
Task: {CFFB1575-F11D-4BB3-A133-995948A03CBB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [2018-01-10] (NVIDIA Corporation)
Task: {D33AA5D3-5B3B-400C-A6DC-964B03FDAFE0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-01-18] (Google Inc.)
Task: {E09B079E-0295-4577-AEA8-D628361422F1} - System32\Tasks\Nero\Nero Info => C:\Program Files\Common Files\Nero\Nero Info\NeroInfo.exe [2015-06-04] (Nero AG)
Task: {EF6F7AB9-ADDA-4831-A092-DA631839DD84} - System32\Tasks\Driver Booster SkipUAC (Mara) => C:\Program Files\IObit\Driver Booster\5.2.0\DriverBooster.exe
Task: {FE288029-E149-4797-B55A-30FB84FB472A} - System32\Tasks\Uninstaller_SkipUac_Mara => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2018-10-17] (IObit)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Mara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Samsung Galaxy Ace - Guide - Cygwin-Odin\Cygwin Terminal.lnk -> C:\cygwin\Cygwin.bat (No File)

ShortcutWithArgument: C:\Users\Mara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) ==============

2018-03-24 08:28 - 2015-01-31 01:48 - 000078480 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2018-10-22 15:17 - 2018-10-22 15:17 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-10-22 15:18 - 2018-10-22 15:18 - 000598232 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-11-13 10:36 - 2018-11-13 10:36 - 005718672 _____ () C:\Program Files\AVAST Software\Avast\defs\18111300\algo.dll
2018-10-22 15:17 - 2018-10-22 15:17 - 000496856 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-10-22 15:17 - 2018-10-22 15:17 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-10-22 15:17 - 2018-10-22 15:17 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-03-03 10:54 - 2018-01-10 15:05 - 001042280 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-01-17 18:14 - 2014-05-23 16:36 - 000847872 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
2017-01-17 18:14 - 2014-05-23 16:36 - 001411072 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2017-01-17 18:14 - 2014-05-23 16:36 - 000193024 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2017-01-17 18:14 - 2014-05-23 16:36 - 000137728 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll
2017-01-17 18:14 - 2014-05-23 16:36 - 000115712 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.DLL
2018-11-06 17:14 - 2018-11-06 17:14 - 000090576 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-03-17 15:50 - 2018-03-17 15:50 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-10-27 22:48 - 2018-05-02 16:42 - 000442128 _____ () C:\Program Files\IObit\IObit Uninstaller\madExcept_.bpl
2018-10-27 22:48 - 2018-05-02 16:42 - 000210704 _____ () C:\Program Files\IObit\IObit Uninstaller\madBasic_.bpl
2018-10-27 22:48 - 2018-05-02 16:42 - 000059664 _____ () C:\Program Files\IObit\IObit Uninstaller\madDisAsm_.bpl

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2018-11-13 12:27 - 000000040 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 validation.sls.microsoft.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-385729116-3703201098-1527315605-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mara\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeARMservice => 3
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: FsUsbExService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: IObitUnSvr => 2
MSCONFIG\Services: MonectServerService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: OODefragAgent => 2
MSCONFIG\Services: TrueKey => 2
MSCONFIG\Services: TrueKeyScheduler => 2
MSCONFIG\Services: TrueKeyServiceHelper => 3
MSCONFIG\Services: vncserver => 3
MSCONFIG\Services: WsAppService => 3
MSCONFIG\Services: WsDrvInst => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk => C:\Windows\pss\O&O Defrag Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SPDriverInstall.lnk => C:\Windows\pss\SPDriverInstall.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk => C:\Windows\pss\TMMonitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Universal Media Server.lnk => C:\Windows\pss\Universal Media Server.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Míša^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IPMSG for Win.lnk => C:\Windows\pss\IPMSG for Win.lnk.Startup
MSCONFIG\startupreg: AMP WinOFF => c:\program files\amp winoff\winoff.exe -quiet
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: AutoStartNPSAgent => C:\Users\Mara\samsung\NPSAgent.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: ConMet => C:\Program Files\ConMet\ConMet.exe
MSCONFIG\startupreg: Connectify Hotspot => C:\Program Files\Connectify\Connectify.exe autorun
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: Dropbox => "C:\Program Files\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: Free Download Manager => "C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe" --minimized
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: JetVoice => "C:\Users\Mara\Downloads\JETVOICE.EXE" AUTORUN
MSCONFIG\startupreg: KiesPDLR.exe => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Monitor => C:\Windows\PixArt\PAC207\Monitor.exe
MSCONFIG\startupreg: netmon.exe => C:\Program Files\netmon\netmon.exe
MSCONFIG\startupreg: NPSStartup =>
MSCONFIG\startupreg: OODefragTray => C:\Program Files\OO Software\Defrag\oodtray.exe
MSCONFIG\startupreg: PAC207_Monitor => C:\Windows\PixArt\PAC207\Monitor.exe
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: snpstd2 => C:\Windows\vsnpstd2.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{52D11CA5-B39F-4ABD-A1C0-16C94110A2F0}] => (Allow) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{F130144D-D6E0-4006-A26E-5BA7485BC874}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{02E69BAB-5D4A-4D4F-B1F5-BF0A5A05174C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{F63E1C48-939B-408B-A1DF-7A2B478F350C}C:\program files\ea games\need for speed underground 2\speed2.exe] => (Allow) C:\program files\ea games\need for speed underground 2\speed2.exe
FirewallRules: [UDP Query User{B72D020A-2346-4D2C-83C1-3BD302B0849C}C:\program files\ea games\need for speed underground 2\speed2.exe] => (Allow) C:\program files\ea games\need for speed underground 2\speed2.exe
FirewallRules: [TCP Query User{7060C3D0-DF5D-4350-9151-8C338CCFD52C}C:\program files\wondershare\mirrorgo\mirrorgo.exe] => (Allow) C:\program files\wondershare\mirrorgo\mirrorgo.exe
FirewallRules: [UDP Query User{066DC2FC-E788-467E-8218-E2C78DABEC7B}C:\program files\wondershare\mirrorgo\mirrorgo.exe] => (Allow) C:\program files\wondershare\mirrorgo\mirrorgo.exe
FirewallRules: [TCP Query User{E34F2320-5F11-4EB6-894A-74068BABE7D4}C:\program files\wondershare\mirrorgo\mirrorgo.exe] => (Allow) C:\program files\wondershare\mirrorgo\mirrorgo.exe
FirewallRules: [UDP Query User{7A58F333-A31F-408C-A81E-5B2849B87E2A}C:\program files\wondershare\mirrorgo\mirrorgo.exe] => (Allow) C:\program files\wondershare\mirrorgo\mirrorgo.exe
FirewallRules: [{2B750154-8AFB-446F-A2CE-7C119BD6A59D}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{619A0099-6652-4146-920F-5B8CE566C306}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{12336298-9BE9-47D2-AD56-A8EF93F5407A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F79423ED-882D-49E7-BD22-9DE9CCBF167D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{50663A96-9C01-44BD-A830-1E63DFEEEBD8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{CB52D2CA-9DAD-4BEA-9EAD-9C9A707883E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F8415E54-AB09-46D1-8685-AE3C325504D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{084618D0-6E79-4EF5-B876-621BBE6312D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AC59438F-53C5-4C7A-9FB9-57C727EB05BC}] => (Allow) C:\Program Files\Samsung\Kies\Kies.exe
FirewallRules: [{18579335-54F1-4D86-A885-86178EB3D130}] => (Allow) C:\Program Files\Samsung\Kies\Kies.exe
FirewallRules: [{F411102D-5357-4759-B100-B16F42EF495D}] => (Allow) C:\Program Files\Samsung\Kies\Kies.exe
FirewallRules: [{2346A297-3F02-4844-A408-DFEC88D7E110}] => (Allow) C:\Program Files\Samsung\Kies\Kies.exe
FirewallRules: [{C98325C9-4CE6-4CE5-AA44-39954578BAFE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{019EDEE0-9D51-4EE1-81DC-06869DEA9601}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{27E72474-735D-4A65-9AB3-31C9AB3A620C}C:\program files\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [UDP Query User{1CA05547-0023-449F-889D-58D710DB8243}C:\program files\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [TCP Query User{DE1A2F34-B26D-4691-9738-9F4FC442923C}C:\program files\pc remote receiver\pcremotereceiver.exe] => (Allow) C:\program files\pc remote receiver\pcremotereceiver.exe
FirewallRules: [UDP Query User{62D23E12-05C2-4F64-BEC9-FE1B007CFBFF}C:\program files\pc remote receiver\pcremotereceiver.exe] => (Allow) C:\program files\pc remote receiver\pcremotereceiver.exe
FirewallRules: [{BE6402FC-BB5A-4034-97BF-0B6DE45D79DD}] => (Allow) C:\Program Files\PC Remote Receiver\PCRemoteReceiver.exe
FirewallRules: [{EA7377AD-7240-42C2-820C-0D9CF461C5F5}] => (Allow) C:\Program Files\PC Remote Receiver\MonectMediaCenter.exe
FirewallRules: [TCP Query User{4E610039-47D4-4B46-BF1D-BBB6C4816A98}C:\@@@flash lg\flash lg\shttps\http.exe] => (Allow) C:\@@@flash lg\flash lg\shttps\http.exe
FirewallRules: [UDP Query User{569C2B59-9789-46DA-BA5F-9D47ABADD387}C:\@@@flash lg\flash lg\shttps\http.exe] => (Allow) C:\@@@flash lg\flash lg\shttps\http.exe
FirewallRules: [{259C3D7F-7A57-4D21-926D-74989160EB69}] => (Allow) C:\Users\Míša\AppData\Local\IPMsg\ipmsg.exe
FirewallRules: [{91B09CD3-E71C-4153-92E3-BD35C58260EA}] => (Allow) C:\Users\Míša\AppData\Local\IPMsg\ipmsg.exe
FirewallRules: [TCP Query User{69202BBD-57D5-41C7-9827-CCC3EF5EA577}C:\users\míša\appdata\local\ipmsg\ipmsg.exe] => (Block) C:\users\míša\appdata\local\ipmsg\ipmsg.exe
FirewallRules: [UDP Query User{1C1247CB-DF5E-4378-96AB-4C379953763E}C:\users\míša\appdata\local\ipmsg\ipmsg.exe] => (Block) C:\users\míša\appdata\local\ipmsg\ipmsg.exe
FirewallRules: [{BC3D99CE-60D9-4094-92F7-25E286B9F01C}] => (Allow) C:\KMPlayer\KMPlayer.exe
FirewallRules: [{C9376C76-F28B-4751-AE50-B7E981EBBE51}] => (Allow) C:\KMPlayer\KMPlayer.exe
FirewallRules: [{3CCB845A-22D6-47E7-8A48-F578F496E636}] => (Allow) C:\KMPlayer\KMPlayer.exe
FirewallRules: [{7813CB46-892C-43B7-A7DE-4BFFF5DD187E}] => (Allow) C:\KMPlayer\KMPlayer.exe
FirewallRules: [{045597AB-BC31-4086-9738-68901260D04E}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{83704968-63DB-40CE-8F0B-A7FC3F23B59E}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{439CDB3B-FF39-4C6D-80FA-984A47D0705E}] => (Allow) C:\Program Files\Nero\KM\NMDllHost.exe
FirewallRules: [{0A30441A-4172-4841-8C65-90E8677BD08D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{3BA9D126-48D5-4572-A87C-81F3ACC480F8}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [TCP Query User{4EDF49FA-23AB-4012-882B-59596695A79F}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{39776C57-FD31-4874-86C5-C9BF5DC9602B}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{FCF3A783-E74D-4AA7-9335-02F9B924CABD}C:\users\mara\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\mara\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{049E07E1-240F-4A40-BF44-12372510FB39}C:\users\mara\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\mara\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{C22C9649-C17A-4162-AF10-823807EF7834}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{15D71E31-A6E6-4244-99C2-6C7FDE3B5BD5}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{403D75C1-D58D-49C8-8B2C-3E3CC13DFFD1}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{7D9D1B90-10B9-4BD5-8068-AC3F123B0A45}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{EFEBFAAB-4089-428D-AF12-6130C47EB7C5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{41605CE4-8395-4E0A-9778-7CCF2128BEAB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{D8CF901B-C1A2-4B6B-B36D-52DDCF779BF6}C:\program files\soundwire server\soundwireserver.exe] => (Allow) C:\program files\soundwire server\soundwireserver.exe
FirewallRules: [UDP Query User{50161135-918D-4EE4-9E56-48276BE86527}C:\program files\soundwire server\soundwireserver.exe] => (Allow) C:\program files\soundwire server\soundwireserver.exe
FirewallRules: [{E8A61926-AFFE-46BD-8A80-8CDF4750A170}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{EA9A4493-5387-4ED7-B908-DE216E428DFD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{BD6977B3-8AEE-4AD6-9F60-04509FD3D833}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{7280A26E-182F-4BA1-8D07-92A06369C176}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{C0AFE950-6D75-4BA7-9E2A-15CB060EC88C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

==================== Restore Points =========================

13-11-2018 14:10:43 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices =============

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Intel(R) 82566DC – gigabitové síťové připojení
Description: Intel(R) 82566DC – gigabitové síťové připojení
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: e1express
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Myš Microsoft pro port PS/2
Description: Myš Microsoft pro port PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/13/2018 01:27:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Windows\System32\systemcpl.dll se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="&#x2a;",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/13/2018 12:29:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Windows\System32\systemcpl.dll se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="&#x2a;",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/13/2018 12:27:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: w7lxe.exe, verze: 3.5.0.3, časové razítko: 0x4bf75677
Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdadb
Kód výjimky: 0xc0000005
Posun chyby: 0x00055581
ID chybujícího procesu: 0xf9c
Čas spuštění chybující aplikace: 0x01d47b43c48f98ed
Cesta k chybující aplikaci: C:\Users\Mara\Downloads\Nové\Win 7 Activator\Activator\w7lxe.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 1331003d-e737-11e8-8615-a52ab1c85456

Error: (11/13/2018 11:52:03 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Windows\System32\systemcpl.dll se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="&#x2a;",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/13/2018 10:44:27 AM) (Source: W3SVC-WP) (EventID: 2280) (User: )
Description: Dynamickou knihovnu C:\Windows\System32\inetsrv\cachuri.dll modulu se nepodařilo načíst. Data obsahují chybu.

Error: (11/13/2018 10:44:26 AM) (Source: W3SVC-WP) (EventID: 2280) (User: )
Description: Dynamickou knihovnu C:\Windows\System32\inetsrv\cachuri.dll modulu se nepodařilo načíst. Data obsahují chybu.

Error: (11/13/2018 10:44:25 AM) (Source: W3SVC-WP) (EventID: 2280) (User: )
Description: Dynamickou knihovnu C:\Windows\System32\inetsrv\cachuri.dll modulu se nepodařilo načíst. Data obsahují chybu.

Error: (11/13/2018 10:44:24 AM) (Source: W3SVC-WP) (EventID: 2280) (User: )
Description: Dynamickou knihovnu C:\Windows\System32\inetsrv\cachuri.dll modulu se nepodařilo načíst. Data obsahují chybu.


System errors:
=============
Error: (11/13/2018 02:15:47 PM) (Source: Microsoft-Windows-Service Pack Installer) (EventID: 8) (User: MARAHOME)
Description: Instalace aktualizace Service Pack skončila s kódem chyby 0x800f0a13.

Error: (11/13/2018 01:16:49 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
Ext2Fsd

Error: (11/13/2018 01:16:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/13/2018 12:37:23 PM) (Source: Microsoft-Windows-Service Pack Installer) (EventID: 8) (User: MARAHOME)
Description: Instalace aktualizace Service Pack skončila s kódem chyby 0x800f0a13.

Error: (11/13/2018 12:22:21 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
Ext2Fsd

Error: (11/13/2018 12:22:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/13/2018 11:49:59 AM) (Source: Microsoft-Windows-Service Pack Installer) (EventID: 8) (User: MARAHOME)
Description: Instalace aktualizace Service Pack skončila s kódem chyby 0x800f0a13.

Error: (11/13/2018 10:44:28 AM) (Source: WAS) (EventID: 5002) (User: )
Description: Fond aplikací DefaultAppPool bude automaticky zakázán z důvodu řady chyb v procesech obsluhujících daný fond aplikací.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E7200 @ 2.53GHz
Percentage of memory in use: 71%
Total physical RAM: 3069.61 MB
Available physical RAM: 878.39 MB
Total Virtual: 5067.89 MB
Available Virtual: 2750.05 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:39.28 GB) (Free:1.52 GB) NTFS
Drive z: (Zaloha) (Fixed) (Total:2.14 GB) (Free:0.39 GB) NTFS

\\?\Volume{41c3a6b9-dcce-11e6-a77a-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 74.5 GB) (Disk ID: 1BDD5CA0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=39.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=35.2 GB) - (Type=0F Extended)

==================== End of Addition.txt ============================

hoblik007
Návštěvník
Návštěvník
Příspěvky: 66
Registrován: 21 čer 2005 21:03
Bydliště: Olomouc
Kontaktovat uživatele:

Re: Prosim o kontrolu..(jestli vycistit nebo reinstall)

#4 Příspěvek od hoblik007 »

Vetsi cast mam hotovou,,,ale mam problem v tom,ze nemuzu nainstalovat Service Pack 1.
Tohle je ta hlaska:

Kód: Vybrat vše

https://drive.google.com/open?id=19Ty-9nxQeX94zCKSMzaKP7ii0qz2AMe1
Tim padem nenainstaluji ani MSIE11.

Tady jsou logy po odvšivení...

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-11-05.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-13-2018
# Duration: 00:00:06
# OS: Windows 7 Professional
# Cleaned: 58
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files\Common Files\IObit\Advanced SystemCare
Deleted C:\Windows\System32\config\systemprofile\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Windows\System32\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Users\Mara\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\Míša\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\Mara\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Users\Míša\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Windows\Installer\{4D0A0750-B034-4DF8-97DE-26F1212AC2FF}
Deleted C:\Users\Mara\AppData\Roaming\Tencent
Deleted C:\ProgramData\Mail.Ru
Deleted C:\Windows\System32\config\systemprofile\AppData\Local\Mail.Ru
Deleted C:\Program Files\Smart Application Controller
Deleted C:\Users\Mara\AppData\Roaming\Smart Application Controller
Deleted C:\Windows\System32\config\systemprofile\AppData\Roaming\Solvusoft
Deleted C:\NetMon
Deleted C:\Users\Mara\AppData\Local\VirtualStore\Program Files\NetMon

***** [ Files ] *****

Deleted C:\Users\Public\Desktop\ASHAMPOO DEALS.URL
Deleted C:\Users\Mara\Desktop\?????? ? ?????????.url
Deleted C:\Users\Mara\Favorites\Mail.Ru.url
Deleted C:\Users\Mara\Favorites\Mail.Ru ????? - ????????? ??? ???????!.url
Deleted C:\Users\Mara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\ErrorFixKIT

***** [ Registry ] *****

Deleted HKLM\Software\IObit\RealTimeProtector
Deleted HKLM\Software\IObit\Advanced SystemCare
Deleted HKLM\Software\IOBIT\ASC
Deleted HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\Software\ErrorFixKIT
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A45B472D-2204-4D0F-BCBD-67605661C1FF}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ErrorFixKIT
Deleted HKCU\Software\csastats
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\MailRuUpdater
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Advanced SystemCare 11
Deleted HKLM\Software\TWEAKBIT
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|AndroidServer.exe
Deleted HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\browser.exe
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AE298D-7E8A-4F53-BE55-15D2B065F6C0}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E8F97CD-60B5-456F-A201-73065652D099}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E8F97CD-60B5-456F-A201-73065652D099}
Deleted HKCU\Software\AppDataLow\Software\Mail.Ru
Deleted HKU\S-1-5-18\Software\Mail.Ru
Deleted HKCU\Software\Mail.Ru
Deleted HKU\.DEFAULT\Software\Mail.Ru
Deleted HKLM\Software\Mail.Ru
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\ru.mail.go.ext_info_host
Deleted HKCU\Software\Google\Chrome\NativeMessagingHosts\ru.mail.go.ext_info_host
Deleted HKLM\Software\Classes\IESearchPlugin.MailRuBHO
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
Deleted HKLM\SOFTWARE\Classes\Applications\DriverDocSetup.exe

***** [ Chromium (and derivatives) ] *****

Deleted ?????
Deleted ?????
Deleted ???????? ???????? Mail.Ru
Deleted ???????? ???????? Mail.Ru
Deleted ????? Mail.Ru
Deleted ????? Mail.Ru

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6214 octets] - [13/11/2018 09:57:39]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11.11.2018
Ran by Mara (administrator) on MARAHOME (13-11-2018 14:57:06)
Running from C:\Users\Mara\Desktop
Loaded Profiles: Mara (Available Profiles: Mara & Míša)
Platform: Microsoft Windows 7 Professional (X86) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Hagel Technologies Ltd) C:\Program Files\DU Meter\DUMeterSvc.exe
(http://www.ext2fsd.com) C:\Program Files\Ext2Fsd\Ext2Srv.exe
(Monect) C:\Program Files\PC Remote Receiver\MonectServerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Monect) C:\Program Files\PC Remote Receiver\PCRemoteReceiver.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(Hagel Technologies Ltd) C:\Program Files\DU Meter\DUMeter.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
() C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Desktop.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [3246384 2013-09-19] (O&O Software GmbH)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-22] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\Run: [DU Meter] => C:\Program Files\DU Meter\DUMeter.exe [2645528 2008-06-10] (Hagel Technologies Ltd)
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\MountPoints2: {6bf30111-2a9f-11e7-a2c4-806e6f6e6963} - D:\EVOLVEO.exe
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\MountPoints2: {8348f85e-82c7-11e8-9d8d-97c92c773f2b} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\MountPoints2: {e71d7552-deb2-11e8-bf0c-a174f39db544} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\MountPoints2: {e71d7578-deb2-11e8-bf0c-a174f39db544} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\MountPoints2: {f480d760-3281-11e7-8523-9158a7eba702} - E:\Autorun.exe
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\MountPoints2: {f480d762-3281-11e7-8523-9158a7eba702} - F:\Setup.exe
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [413696 2009-07-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2017-01-17]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
Startup: C:\Users\Míša\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk [2017-05-06]
ShortcutTarget: SpeedFan.lnk -> C:\Program Files\SpeedFan\speedfan.exe ()
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [94208 2006-02-28] (Apple Computer, Inc.)
Hosts: 127.0.0.1 validation.sls.microsoft.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{38F41E72-C37C-4B4E-AF14-F291EC5BB2F9}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{4D46237B-2EEB-41D3-A00A-AB8008D0EBC5}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{98B48FEC-E99C-44B9-A066-1B28DD21AD3F}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{9B929CA0-A7BC-4F07-B05C-0657296A2FE1}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{DCE59FC9-ED8B-4E63-A92C-689ED0552F4A}: [DhcpNameServer] 192.168.42.129
ManualProxies: 0hxxp://no-blocked.org/wpad.dat?b8375e4895b2ea9ef53597e2e827679524530446

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-385729116-3703201098-1527315605-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-385729116-3703201098-1527315605-1000 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL =
SearchScopes: HKU\S-1-5-21-385729116-3703201098-1527315605-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-385729116-3703201098-1527315605-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-07-19] (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-03-03] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-03-03] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-385729116-3703201098-1527315605-1000 -> No Name - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - No File

FireFox:
========
FF DefaultProfile: 2xo86nih.default
FF ProfilePath: C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default [2018-11-13]
FF user.js: detected! => C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\user.js [2018-01-31]
FF Homepage: Mozilla\Firefox\Profiles\2xo86nih.default -> hxxps://www.google.com/
FF Extension: (Free Download Manager extension) - C:\Users\Mara\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\fdm_ffext@freedownloadmanager.org [2017-10-09] [Legacy]
FF Extension: (Avast Online Security) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\Extensions\wrc@avast.com.xpi [2018-11-13]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2018-04-15]
FF Extension: (FF Web Defender) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\Extensions\{046258c9-75c5-429d-8d5b-386cfbadc39d}.xpi [2017-12-26]
FF Extension: (YouTube Best Video Downloader 2) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\Extensions\{170503FA-3349-4F17-BC86-001888A5C8E2}.xpi [2018-04-24]
FF Extension: (Adobe Shockwave Flash Player) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\Extensions\{42baa93e-0cff-4289-b79e-6ae88df668c4}.xpi [2018-03-03]
FF Extension: (Download YouTube Videos as MP4) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2017-03-14] [Legacy]
FF Extension: (Telemetry coverage) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\features\{c2d23ce4-f914-4bd0-98be-a969c5ca19be}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-23] [Legacy]
FF SearchPlugin: C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\2xo86nih.default\searchplugins\google-avast.xml [2017-02-15]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-22] ()
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-03-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-03-03] (Oracle Corporation)
FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BrowserPlugin\npBrowserPlugin.dll [2015-04-10] (Nero AG)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://mail.ru/cnt/10445?gp=811600
CHR StartupUrls: Default -> "hxxp://mail.ru/cnt/10445?gp=811600"
CHR Profile: C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default [2018-11-13]
CHR Extension: (Prezentace) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-13]
CHR Extension: (Dokumenty) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-13]
CHR Extension: (Disk Google) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-03]
CHR Extension: (YouTube) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-03]
CHR Extension: (Tabulky) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-05]
CHR Extension: (Gmail) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-03]
CHR Extension: (Chrome Media Router) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-01]
CHR HKLM\...\Chrome\Extension: [bhjhnafpiilpffhglajcaepjbnbjemci] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [dijfnbhlogmffhgpelodglnnkncadnbi] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [hcadgijmedbfgciegjomfpjcdchlhnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-385729116-3703201098-1527315605-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6800144 2018-10-22] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-22] (AVAST Software)
S4 DbxSvc; C:\Windows\system32\DbxSvc.exe [40264 2017-01-21] (Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1142464 2017-02-07] (Disc Soft Ltd)
R2 DUMeterSvc; C:\Program Files\DU Meter\DUMeterSvc.exe [1386008 2008-06-10] (Hagel Technologies Ltd) [File not signed]
R2 Ext2Srv; C:\Program Files\Ext2Fsd\Ext2Srv.exe [34816 2016-07-09] (http://www.ext2fsd.com)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2017-03-11] (Macrovision Europe Ltd.) [File not signed]
S4 IObitUnSvr; C:\Program Files\IObit\IObit Uninstaller\IUService.exe [153360 2018-09-25] (IObit)
R4 MonectServerService; C:\Program Files\PC Remote Receiver\MonectServerService.exe [110592 2018-03-05] (Monect) [File not signed]
R4 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [805752 2017-06-02] (Nero AG)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [468840 2018-01-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [468840 2018-01-10] (NVIDIA Corporation)
R4 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1377072 2013-09-19] (O&O Software GmbH)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
S4 WsAppService; C:\Program Files\Wondershare\WAF\2.4.2.222\WsAppService.exe [474768 2017-03-01] (Wondershare)
S4 WsDrvInst; C:\Program Files\Wondershare\MirrorGo\DriverInstall.exe [111328 2017-05-05] (Wondershare)
S2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]
S4 Hamachi2Svc; "C:\Program Files\LogMeIn Hamachi\hamachi-2.exe" -s [X]
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [32768 2016-09-01] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2012-07-03] (LG Electronics Inc.)
R3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [32896 2011-11-28] (AnvSoft Inc.) [File not signed]
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167648 2018-10-22] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [188952 2018-10-22] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [165552 2018-10-22] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [284424 2018-10-22] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [58072 2018-10-22] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [139008 2018-10-22] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42912 2018-10-22] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40864 2018-10-22] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [135368 2018-10-22] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [101152 2018-10-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72968 2018-10-22] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784728 2018-10-22] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [397136 2018-10-22] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [157112 2018-10-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310880 2018-10-22] (AVAST Software)
R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1570304 2014-05-23] (Atheros Communications, Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [107648 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2017-05-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2017-05-06] (Disc Soft Ltd)
R1 Ext2fs; C:\Windows\System32\DRIVERS\ext2fs.sys [266800 2015-12-26] (Stephan Schreiber)
S0 Ext2Fsd; C:\Windows\system32\Drivers\Ext2Fsd.sys [710912 2016-07-09] (http://www.ext2fsd.com)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [File not signed]
R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [27040 2017-03-02] (LogMeIn, Inc.)
S3 HTCAND32; C:\Windows\System32\Drivers\ANDROIDUSB.sys [24576 2009-02-02] (HTC1124 Inc) [File not signed]
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2018-01-31] (REALiX(tm))
R0 IfsMount; C:\Windows\System32\DRIVERS\ifsmount.sys [59952 2015-12-23] (Stephan Schreiber)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [145664 2018-08-25] (ITE )
R3 IUProcessFilter; C:\Program Files\IObit\IObit Uninstaller\drivers\win7_x86\IUProcessFilter.sys [17264 2018-10-16] (IObit)
R3 IURegistryFilter; C:\Program Files\IObit\IObit Uninstaller\drivers\win7_x86\IURegistryFilter.sys [23440 2018-10-16] (IObit)
S3 mirrorv3; C:\Windows\System32\DRIVERS\rminiv3.sys [3328 2012-12-18] (Famatech International Corp.) [File not signed]
R3 monectdevices; C:\Windows\System32\DRIVERS\monectdevices.sys [14104 2013-12-03] ()
R3 MonitorFunction; C:\Windows\System32\DRIVERS\TVMonitor.sys [14848 2018-02-20] (TeamViewer GmbH)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29544 2018-01-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [53616 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [52072 2018-01-10] (NVIDIA Corporation)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [618112 2008-02-13] (PixArt Imaging Inc.) [File not signed]
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [17160 2015-03-05] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13064 2015-03-05] ()
S3 snpstd2; C:\Windows\System32\DRIVERS\snpstd2.sys [354688 2008-04-30] () [File not signed]
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [23040 2016-04-21] (The OpenVPN Project) [File not signed]
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13184 2016-02-18] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [20864 2012-03-02] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [25216 2012-03-02] (LG Electronics Inc.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [15872 2009-07-14] (Microsoft Corporation)
S3 VIA_USB_ETS_SS; C:\Windows\System32\DRIVERS\VIA_USB_ETS_SS.sys [18560 2012-04-17] (Via Telecom, Inc.) [File not signed]
S3 vncmirror; C:\Windows\System32\DRIVERS\vncmirror.sys [4608 2016-06-06] (RealVNC Ltd.) [File not signed]
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [119952 2016-07-16] (MBB)
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x32.sys [X]
S3 MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [X]
S3 ssudmdm; system32\DRIVERS\ssudmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-13 13:24 - 2015-02-18 08:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2018-11-13 12:17 - 2018-11-13 13:14 - 029884416 _____ C:\Windows\system32\config\systme
2018-11-13 12:02 - 2018-11-13 11:57 - 000000221 _____ C:\w7a.bat
2018-11-13 11:48 - 2018-11-13 11:48 - 000000000 ____D C:\60aca25357cee1add1
2018-11-13 10:37 - 2018-11-13 10:37 - 000000000 ___HD C:\$AV_ASW
2018-11-13 10:35 - 2018-11-13 10:35 - 000002075 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-11-13 10:35 - 2018-11-13 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2018-11-13 10:33 - 2018-10-22 15:18 - 000397136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-11-13 10:33 - 2018-10-22 15:18 - 000323288 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-11-13 10:33 - 2018-10-22 15:18 - 000310880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-11-13 10:33 - 2018-10-22 15:18 - 000167648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-11-13 10:33 - 2018-10-22 15:18 - 000157112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-11-13 10:33 - 2018-10-22 15:18 - 000135368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-11-13 10:33 - 2018-10-22 15:18 - 000101152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-11-13 10:33 - 2018-10-22 15:18 - 000072968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-11-13 10:33 - 2018-10-22 15:18 - 000042912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-11-13 10:33 - 2018-10-22 15:18 - 000040864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2018-11-13 10:33 - 2018-10-22 15:17 - 000784728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-11-13 10:33 - 2018-10-22 15:17 - 000284424 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblogx.sys
2018-11-13 10:33 - 2018-10-22 15:17 - 000188952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2018-11-13 10:33 - 2018-10-22 15:17 - 000165552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidshx.sys
2018-11-13 10:33 - 2018-10-22 15:17 - 000139008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-11-13 10:33 - 2018-10-22 15:17 - 000058072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbunivx.sys
2018-11-13 04:45 - 2018-11-13 12:59 - 000000000 ___RD C:\Users\Mara\DriveWinDisk
2018-11-13 04:13 - 2018-11-13 05:17 - 000000000 ____D C:\Users\Mara\AppData\Local\PasswordSafe
2018-11-13 04:13 - 2018-11-13 04:47 - 000000000 ____D C:\Users\Mara\Documents\My Safes
2018-11-13 04:12 - 2018-11-13 04:12 - 000000992 _____ C:\Users\Mara\Desktop\Password Safe.lnk
2018-11-13 04:12 - 2018-11-13 04:12 - 000000000 ____D C:\Users\Mara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Password Safe
2018-11-13 04:12 - 2018-11-13 04:12 - 000000000 ____D C:\Program Files\Password Safe
2018-11-13 03:54 - 2018-11-13 14:57 - 000021896 _____ C:\Users\Mara\Desktop\FRST.txt
2018-11-13 03:54 - 2018-11-13 14:57 - 000000000 ____D C:\FRST
2018-11-13 03:54 - 2018-11-13 14:47 - 000045617 _____ C:\Users\Mara\Desktop\Addition.txt
2018-11-13 03:53 - 2018-11-13 03:52 - 001775616 _____ (Farbar) C:\Users\Mara\Desktop\FRST.exe
2018-11-10 14:18 - 2018-11-10 14:16 - 073944455 _____ C:\Users\Mara\Documents\SoundWireServer.DMP
2018-11-10 13:24 - 2018-11-10 13:24 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioRelay.lnk
2018-11-10 13:24 - 2018-11-10 13:24 - 000000000 ____D C:\Program Files\AudioRelay
2018-11-10 07:03 - 2018-11-10 07:03 - 000001070 _____ C:\Users\Public\Desktop\SoundWire Server.lnk
2018-11-10 07:03 - 2018-11-10 07:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundWire Server
2018-11-10 07:03 - 2018-11-10 07:03 - 000000000 ____D C:\Program Files\SoundWire Server
2018-11-10 06:36 - 2018-11-10 07:01 - 000004959 _____ C:\Users\Mara\AppData\Roaming\wifi_speakers.dat
2018-11-10 05:00 - 2018-11-13 10:37 - 000000000 ____D C:\Users\Mara\AppData\Roaming\DeReporting
2018-11-10 02:46 - 2018-02-20 11:11 - 000014848 _____ (TeamViewer GmbH) C:\Windows\system32\Drivers\TVMonitor.sys
2018-11-10 01:32 - 2018-11-10 01:36 - 000000000 ____D C:\Users\Mara\AppData\Local\TeamViewer
2018-11-10 01:29 - 2018-11-13 13:16 - 000000000 ____D C:\Program Files\TeamViewer
2018-11-10 01:29 - 2018-11-13 09:44 - 000000000 ____D C:\Users\Mara\AppData\Roaming\TeamViewer
2018-11-10 01:29 - 2018-11-10 01:29 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
2018-11-10 01:29 - 2018-11-10 01:29 - 000000993 _____ C:\Users\Public\Desktop\TeamViewer 13.lnk
2018-11-10 01:20 - 2018-11-10 01:20 - 000000000 ____D C:\Users\Mara\Downloads\Chrome
2018-11-09 23:44 - 2018-11-09 23:47 - 000001257 _____ C:\Users\Mara\Desktop\Ribbons.lnk
2018-11-06 12:44 - 2018-11-06 12:45 - 000000097 _____ C:\aa.txt
2018-11-01 04:54 - 2018-11-01 04:54 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DU Meter
2018-11-01 04:54 - 2018-11-01 04:54 - 000000000 ____D C:\ProgramData\Hagel Technologies
2018-11-01 04:54 - 2018-11-01 04:54 - 000000000 ____D C:\Program Files\DU Meter
2018-11-01 04:43 - 2018-11-01 04:44 - 000000000 ____D C:\Users\Mara\AppData\Roaming\uTorrent
2018-11-01 04:43 - 2018-11-01 04:43 - 000000947 _____ C:\Users\Mara\Desktop\µTorrent.lnk
2018-11-01 04:43 - 2018-11-01 04:43 - 000000000 ____D C:\Users\Mara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2018-11-01 04:18 - 2018-11-01 04:18 - 000000060 _____ C:\Windows\Wininit.ini
2018-10-31 20:39 - 2018-10-31 20:39 - 000000000 ____D C:\Users\Mara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaProducts Net Activity Diagram
2018-10-31 20:39 - 2018-10-31 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaProducts Net Activity Diagram
2018-10-29 20:25 - 2016-07-22 08:21 - 001121040 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2018-10-29 20:25 - 2016-07-22 08:21 - 000589944 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2018-10-29 20:25 - 2016-07-22 08:21 - 000107648 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys
2018-10-29 09:33 - 2018-10-29 09:33 - 000000000 ____D C:\Users\Mara\Documents\Smartisan
2018-10-29 08:09 - 2018-10-29 09:24 - 000000000 ____D C:\Users\Mara\AppData\Local\{003ACA6A-C058-424D-B955-A82DE5375C64}
2018-10-29 07:52 - 2018-11-07 01:37 - 000000000 ____D C:\Program Files\HandShaker
2018-10-27 22:48 - 2018-10-27 22:48 - 000002105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2018-10-27 22:48 - 2018-10-27 22:48 - 000002093 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2018-10-27 22:48 - 2018-10-27 22:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2018-10-22 15:18 - 2018-10-22 15:18 - 000040864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswa73dbf66c3c87bb5.tmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-13 14:48 - 2009-07-14 05:34 - 000006080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-13 14:48 - 2009-07-14 05:34 - 000006080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-13 14:11 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\inetsrv
2018-11-13 13:24 - 2018-09-21 20:52 - 000000000 ____D C:\Users\Mara\Downloads\Nové
2018-11-13 13:19 - 2017-01-17 18:20 - 000000000 ____D C:\Users\Mara\AppData\LocalLow\Mozilla
2018-11-13 13:18 - 2017-01-19 17:55 - 000000000 ____D C:\ProgramData\NVIDIA
2018-11-13 13:16 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-13 12:39 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\NDF
2018-11-13 12:29 - 2018-03-03 14:12 - 000000000 ____D C:\Users\Mara\AppData\Local\CrashDumps
2018-11-13 12:28 - 2018-07-31 18:42 - 000000000 ____D C:\Users\Mara\AppData\Local\AVAST Software
2018-11-13 10:03 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2018-11-13 10:00 - 2018-03-05 13:17 - 000000000 ____D C:\Users\Míša\AppData\Roaming\IObit
2018-11-13 10:00 - 2018-03-05 13:17 - 000000000 ____D C:\Users\Míša\AppData\LocalLow\IObit
2018-11-13 10:00 - 2018-01-31 10:32 - 000000000 ____D C:\Users\Mara\AppData\LocalLow\IObit
2018-11-13 10:00 - 2018-01-31 10:32 - 000000000 ____D C:\Program Files\Common Files\IObit
2018-11-13 09:57 - 2017-02-21 19:19 - 000000000 ____D C:\AdwCleaner
2018-11-13 09:40 - 2017-05-07 04:01 - 000000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-11-13 09:39 - 2017-05-07 04:01 - 000000000 ____D C:\Program Files\CCleaner
2018-11-13 09:39 - 2017-01-18 07:20 - 000000000 ____D C:\Install
2018-11-13 09:26 - 2018-01-31 10:31 - 000000000 ____D C:\Program Files\IObit
2018-11-13 04:49 - 2017-01-20 08:22 - 000000000 ___RD C:\Users\Mara\Disk Google
2018-11-13 04:46 - 2017-01-20 08:23 - 000001708 _____ C:\Users\Mara\Desktop\Disk Google.lnk
2018-11-13 04:45 - 2017-01-17 18:09 - 000000000 ____D C:\Users\Mara
2018-11-13 01:54 - 2017-01-18 07:11 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-13 01:54 - 2017-01-18 07:11 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-11-11 20:49 - 2018-09-02 00:12 - 000000000 ____D C:\Filmy
2018-11-11 20:43 - 2017-01-19 17:24 - 000000000 ____D C:\Users\Mara\AppData\Local\Deployment
2018-11-11 13:30 - 2017-05-06 20:35 - 000000000 ____D C:\Program Files\SpeedFan
2018-11-10 14:14 - 2017-05-13 23:05 - 000007649 _____ C:\Users\Mara\AppData\Local\Resmon.ResmonCfg
2018-11-10 14:12 - 2017-02-19 02:27 - 000000000 ____D C:\KMPlayer
2018-11-10 13:24 - 2017-03-08 00:44 - 000000000 ____D C:\ProgramData\Package Cache
2018-11-10 06:35 - 2017-01-18 07:02 - 000063568 _____ C:\Users\Mara\AppData\Local\GDIPFONTCACHEV1.DAT
2018-11-10 03:41 - 2017-03-07 23:48 - 000000000 ____D C:\Program Files\LogMeIn Hamachi
2018-11-10 02:32 - 2017-03-07 23:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2018-11-10 02:08 - 2018-01-31 10:32 - 000000000 ____D C:\ProgramData\ProductData
2018-11-10 02:08 - 2017-01-17 18:15 - 001658672 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-10 02:08 - 2009-07-14 09:44 - 000698450 _____ C:\Windows\system32\perfh005.dat
2018-11-10 02:08 - 2009-07-14 09:44 - 000150272 _____ C:\Windows\system32\perfc005.dat
2018-11-10 02:02 - 2009-07-14 05:33 - 001634280 _____ C:\Windows\system32\FNTCACHE.DAT
2018-11-05 12:50 - 2018-10-13 09:22 - 000000000 ___HD C:\Users\Mara\Downloads\.tmp.drivedownload
2018-11-05 12:08 - 2018-01-31 10:31 - 000000000 ____D C:\ProgramData\IObit
2018-11-01 04:54 - 2009-07-14 05:52 - 000000000 ____D C:\Program Files\Windows Sidebar
2018-10-31 20:50 - 2018-10-13 09:32 - 000000000 ___HD C:\Users\Mara\Desktop\.tmp.drivedownload
2018-10-31 19:44 - 2018-10-13 08:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-10-31 19:44 - 2017-01-20 08:19 - 000002006 _____ C:\Users\Public\Desktop\Google Slides.lnk
2018-10-31 19:44 - 2017-01-20 08:19 - 000002004 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2018-10-31 19:44 - 2017-01-20 08:19 - 000001994 _____ C:\Users\Public\Desktop\Google Docs.lnk
2018-10-29 17:42 - 2017-08-07 16:31 - 000000000 ____D C:\Program Files\DIFX
2018-10-29 08:46 - 2017-01-19 09:27 - 000000000 ____D C:\Windows\system32\MRT
2018-10-29 08:38 - 2017-01-19 09:27 - 133674168 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-10-25 21:57 - 2017-02-02 17:01 - 000000000 ___SD C:\Users\Mara\AppData\LocalLow\Temp
2018-10-23 13:46 - 2017-03-03 09:01 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2018-10-22 15:31 - 2017-01-21 07:26 - 000000000 ____D C:\Users\Mara\AppData\Local\Adobe
2018-10-22 15:25 - 2017-01-21 07:27 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2018-10-22 15:25 - 2017-01-21 07:27 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2018-10-22 15:25 - 2017-01-21 07:27 - 000000000 ____D C:\Windows\system32\Macromed
2018-10-22 15:20 - 2017-03-03 09:02 - 000000000 ____D C:\Users\Mara\AppData\Roaming\Mozilla
2018-10-22 15:20 - 2017-03-03 09:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-10-22 15:18 - 2017-11-17 22:35 - 000397136 _____ (AVAST Software) C:\Windows\system32\Drivers\asw8b8f43e07af0892e.tmp
2018-10-22 15:18 - 2017-11-17 22:35 - 000310880 _____ (AVAST Software) C:\Windows\system32\Drivers\asw ec990e614644d65.tmp
2018-10-22 15:18 - 2017-11-17 22:35 - 000167648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswf854c82e47f3d3f2.tmp
2018-10-22 15:18 - 2017-11-17 22:35 - 000157112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswcdfb3cd8fc0e0a2e.tmp
2018-10-22 15:18 - 2017-11-17 22:35 - 000135368 _____ (AVAST Software) C:\Windows\system32\Drivers\asw5f63604a8b178ce5.tmp
2018-10-22 15:18 - 2017-11-17 22:35 - 000101152 _____ (AVAST Software) C:\Windows\system32\Drivers\asw11507f0bfc2c4062.tmp
2018-10-22 15:18 - 2017-11-17 22:35 - 000072968 _____ (AVAST Software) C:\Windows\system32\Drivers\asw71e551631202ad61.tmp
2018-10-22 15:18 - 2017-11-17 22:35 - 000042912 _____ (AVAST Software) C:\Windows\system32\Drivers\asw 22df3105cdb5a6c.tmp
2018-10-22 15:17 - 2017-12-24 10:04 - 000139008 _____ (AVAST Software) C:\Windows\system32\Drivers\asw1b5ef4eb81580914.tmp
2018-10-22 15:17 - 2017-11-17 22:35 - 000784728 _____ (AVAST Software) C:\Windows\system32\Drivers\asw4beda3425c002a0c.tmp
2018-10-22 15:17 - 2017-11-17 22:35 - 000284424 _____ (AVAST Software) C:\Windows\system32\Drivers\asw19a4eb8483f5abb5.tmp
2018-10-22 15:17 - 2017-11-17 22:35 - 000188952 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3200c309ec33e2a8.tmp
2018-10-22 15:17 - 2017-11-17 22:35 - 000165552 _____ (AVAST Software) C:\Windows\system32\Drivers\asw4fda499ecc7c1787.tmp
2018-10-22 15:17 - 2017-11-17 22:35 - 000058072 _____ (AVAST Software) C:\Windows\system32\Drivers\asw5fa794c4301515ae.tmp
2018-10-21 11:31 - 2017-01-17 18:33 - 000000452 __RSH C:\ProgramData\ntuser.pol
2018-10-20 13:11 - 2017-03-11 10:36 - 000000000 ____D C:\Program Files\Bonjour

==================== Files in the root of some directories =======

2018-10-13 08:40 - 2018-10-13 09:01 - 007649280 _____ () C:\Program Files\GUT8005.tmp
2018-11-10 06:36 - 2018-11-10 07:01 - 000004959 _____ () C:\Users\Mara\AppData\Roaming\wifi_speakers.dat
2017-05-13 23:05 - 2018-11-10 14:14 - 000007649 _____ () C:\Users\Mara\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2018-10-15 06:27 - 2018-11-11 13:30 - 000192512 ____N () C:\Users\Mara\AppData\Local\Temp\sfamcc00001.dll
2018-11-11 13:30 - 2018-11-11 13:30 - 000158720 ____N () C:\Users\Mara\AppData\Local\Temp\sfareca00001.dll
2018-09-02 00:31 - 2018-09-20 17:48 - 000192512 _____ () C:\Users\Míša\AppData\Local\Temp\sfamcc00001.dll
2018-09-17 18:29 - 2018-09-17 18:29 - 000192512 _____ () C:\Users\Míša\AppData\Local\Temp\sfamcc00002.dll
2018-09-20 17:48 - 2018-09-20 17:48 - 000158720 _____ () C:\Users\Míša\AppData\Local\Temp\sfareca00001.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2009-07-14 00:24] - [2009-07-14 02:16] - 000811520 _____ (Microsoft Corporation) 8626F0C30D4E3564FFDD25C90F4426F1

C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-04 12:34

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11.11.2018
Ran by Mara (13-11-2018 14:57:40)
Running from C:\Users\Mara\Desktop
Microsoft Windows 7 Professional (X86) (2017-01-17 17:08:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-385729116-3703201098-1527315605-500 - Administrator - Disabled)
Guest (S-1-5-21-385729116-3703201098-1527315605-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-385729116-3703201098-1527315605-1006 - Limited - Enabled)
Mara (S-1-5-21-385729116-3703201098-1527315605-1000 - Administrator - Enabled) => C:\Users\Mara
Míša (S-1-5-21-385729116-3703201098-1527315605-1004 - Administrator - Enabled) => C:\Users\Míša

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 30 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM\...\Adobe_4977c84bcdc298c444ccfbdcccb660d) (Version: 10.0 - Adobe Systems Incorporated)
Advanced IP Scanner 2.5 (HKLM\...\{6ABB4DB7-5E8F-4F7A-AAF2-C7B4337B7161}) (Version: 2.5.3233 - Famatech)
Advanced Port Scanner 2.4 (HKLM\...\{10F177CF-543F-4BC2-A297-DBF73709D3C5}) (Version: 2.4.2750 - Famatech)
Aktualizace NVIDIA 31.0.11.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.11.0 - NVIDIA Corporation) Hidden
AMP WinOFF 5.0.1 (HKLM\...\AMP WinOFF) (Version: 5.0.1 - Alberto Martinez Perez)
Any Video Converter Ultimate 6.1.2 (HKLM\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio FREE (HKLM\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Audio MP3 Editor 5.80 (HKLM\...\Audio MP3 Editor_is1) (Version: - audio2x.com)
AudioRelay version 0.4.4 (HKLM\...\{86705A3A-8AAB-4C7C-B311-A0426548373F}_is1) (Version: 0.4.4 - azEfsw)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software)
Backup and Sync from Google (HKLM\...\{36F77FB6-DB7A-4293-ADF6-D8B081F27DD6}) (Version: 3.43.1584.4446 - Google, Inc.)
Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Balíček ovladače systému Windows - MediaTek Inc. (usbser) Ports (01/05/2012 2.0000.0.1) (HKLM\...\49D9ABA9270C5BDFD7AE1BEB607D36B26BB90235) (Version: 01/05/2012 2.0000.0.1 - MediaTek Inc.)
Balíček ovladače systému Windows - MediaTek Inc. (usbser) Ports (12/24/2011 2.0000.0.0) (HKLM\...\D0E6296D177F42BB31C0200E49412003DB6C4633) (Version: 12/24/2011 2.0000.0.0 - MediaTek Inc.)
Balíček ovladače systému Windows - MediaTek Inc. Net (07/14/2011 1.1129.00) (HKLM\...\8BC3CF920AF63C7AEF78B82D1C60D94704FB95CD) (Version: 07/14/2011 1.1129.00 - MediaTek Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.49 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
DeReporting (HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\DeReporting) (Version: 1.0 - DeReporting)
DU Meter (HKLM\...\DUMeter3_is1) (Version: 4.01 Build R3076 - Hagel Technologies Ltd)
DVD to ISO (HKLM\...\{646E7341-F4F6-46E1-A6AE-2A91FED3F0E8}_is1) (Version: - dvdtoiso.com)
Ext2 IFS 1.12 for Windows 7/Server 2008 R2 (HKLM\...\Ext2Ifs_for_NT601) (Version: - )
Ext2Fsd 0.68 (HKLM\...\Ext2Fsd_is1) (Version: 0.68 - Matt Wu)
Google Earth Pro (HKLM\...\{BF354C72-AC4C-4A87-8D42-B089862BAE58}) (Version: 7.3.2.5491 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
IObit Uninstaller 8 (HKLM\...\IObitUninstall) (Version: 8.1.0.13 - IObit)
Java 8 Update 161 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 4.1.5.8 - PandoraTV)
Lelohase version 5.0 (HKLM\...\Lelohase_is1) (Version: 5.0 - )
LG Flash (HKLM\...\{85173EC7-6F7F-4E6F-92BB-F8A14DC7A38C}) (Version: 2.0.1.6 - LG) Hidden
LG Flash (HKLM\...\LG Flash 2.0.1.6) (Version: 2.0.1.6 - LG)
LG Mobile Driver (HKLM\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.2.0 - LG Electronics)
LG United Mobile Driver (HKLM\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.8.1 - LG Electronics)
LG USB WML Modem Driver (HKLM\...\{FBA0CA60-8BF2-4381-B819-74F020E165A9}) (Version: 1.0 - LG Electronics)
LGFlashTool 1.8.1.1023 (HKLM\...\LGFlashTool) (Version: 1.8.1.1023 - LGE)
LGUP 8994 DLL (HKLM\...\{4504D6ED-2584-4CCA-9B24-3B09277473DF}) (Version: 0.0.3.23 - LG Electronics)
LogMeIn Hamachi (HKLM\...\{91B5DF26-717A-4A5F-AB10-CD450FAD428C}) (Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
MediaTek Driver Packages version 5.14.53.00 (HKLM\...\MediaTek Driver Packages_is1) (Version: 5.14.53.00 - MediaTek.Inc.)
MediaTek SP Driver version 5.16.32.04 (HKLM\...\MediaTek SP Driver_is1) (Version: 5.16.32.04 - MediaTek.Inc.)
Microsoft .NET Core 2.1.5 - Windows Server Hosting (HKLM\...\{a8c51303-1ef5-45a9-a888-ca9ef21982a9}) (Version: 2.1.13320.0 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Research Mesh Virtual WIFI (HKLM\...\{034A32D5-699E-4AED-A2EB-2CCB6E7F37F1}) (Version: 1.0.000 - Microsoft Research)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
MiniTool Partition Wizard Professional Edition 9.1 (HKLM\...\{2991A446-D356-44EC-930A-42E8B02A67C0}_is1) (Version: - MiniTool Solution Ltd.)
MozBackup 1.5.1 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 62.0.3 (x86 cs) (HKLM\...\Mozilla Firefox 62.0.3 (x86 cs)) (Version: 62.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.3.6848 - Mozilla)
Mp3 Audio Editor (HKLM\...\Mp3 Audio Editor) (Version: - Mp3AudioEditor Inc.)
MP3 Normalizer (HKLM\...\MP3 Normalizer) (Version: 1.02 - mp3-soft.com)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Need for Speed Underground 2 (HKLM\...\Need for Speed Underground 2) (Version: - )
Need for Speed™ Most Wanted (HKLM\...\{ADE91A13-434D-4229-00BC-182BAD607303}) (Version: - )
Nero Info (HKLM\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
Nero MediaHome Free (HKLM\...\{4C4E731B-FFBC-4CD4-967E-B468E61C89F4}) (Version: 16.0.03300 - Nero AG)
NirSoft NK2Edit (HKLM\...\NirSoft NK2Edit) (Version: - )
NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 309.08 - NVIDIA Corporation)
O&O Defrag Professional (HKLM\...\{41DB3D33-D655-40BB-8BF3-824768DD6170}) (Version: 17.0.420 - O&O Software GmbH)
OpenOffice 4.1.3 (HKLM\...\{7308600A-5231-459C-A3E2-A637F842CACA}) (Version: 4.13.9783 - Apache Software Foundation)
Ovládací panel NVIDIA 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 309.08 - NVIDIA Corporation) Hidden
Password Safe (32-bit) (HKLM\...\Password Safe) (Version: 3.47.2 - Rony Shapiro)
PC Remote Receiver 5.8.0 (HKLM\...\PC Remote Receiver) (Version: 5.8.0 - monect.com)
PDF Settings (HKLM\...\{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Prerequisite installer (HKLM\...\{799AFA36-4EA5-4323-8689-74C06645A26B}) (Version: 16.0.0004 - Nero AG) Hidden
Samsung Kies (HKLM\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
SDÍLEJ.CZ Manager (HKU\S-1-5-21-385729116-3703201098-1527315605-1000\...\69f070f18ade444c) (Version: 0.0.1.42 - SDÍLEJ.CZ)
SoundWire Server version 2.5 (HKLM\...\{E15658BC-7742-4397-999F-98B1BD11B784}_is1) (Version: 2.5 - GeorgieLabs)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
TeamViewer 13 (HKLM\...\TeamViewer) (Version: 13.2.26558 - TeamViewer)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 9.0a - Ghisler Software GmbH)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
USB PC Camera (SN9C103) (HKLM\...\{EADAA6F7-991F-4CE9-B5CE-FCF3D81F7C7D}) (Version: 4.18.0.000 - Sonix)
USB Serial Port Driver (x86) (HKLM\...\{18800668-6583-4E75-ACDB-583DBB9E5F08}) (Version: 2013.30.0.313 - Nokia)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (05/11/2014 4.1.0000.00000) (HKLM\...\87222192CAFC6995E0CFC9B7690CF03A8B411292) (Version: 05/11/2014 4.1.0000.00000 - Google, Inc.)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/11/2009 2.0.0010.00002) (HKLM\...\256CD808BFEEBAFFBD9071CA2C9D2D633E524FC9) (Version: 08/11/2009 2.0.0010.00002 - Google, Inc.)
Windows Driver Package - Qualcomm (qcusbnet) Net (07/29/2011 1.0.6.5) (HKLM\...\2F53F0A0FCEDAFD3CCCB1439CAAE0738B4BAFBFB) (Version: 07/29/2011 1.0.6.5 - Qualcomm)
Windows Driver Package - Qualcomm Incorporated (qcusbser) Modem (07/29/2011 2.0.8.7) (HKLM\...\6BF6A4AE61C76DD6CBA31ACB5852032BA320D4E4) (Version: 07/29/2011 2.0.8.7 - Qualcomm Incorporated)
Windows Driver Package - Qualcomm Incorporated (qcusbser) Ports (07/29/2011 2.0.8.7) (HKLM\...\B041351E684D13DF6500880671EDDA42E3285328) (Version: 07/29/2011 2.0.8.7 - Qualcomm Incorporated)
WinRAR 5.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Wondershare MirrorGo(Version 1.9.0) (HKLM\...\{EE843B49-D9BC-4A9E-A8A7-B9F14C0381C7}_is1) (Version: 1.9.0 - Wondershare)
Zoner Photo Studio 15 (HKLM\...\ZonerPhotoStudio15_CZ_is1) (Version: 15.0.1.5 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-385729116-3703201098-1527315605-1000_Classes\CLSID\{DB450005-9764-11D6-819E-005056C00008}\localserver32 -> C:\Users\Mara\AppData\Local\Temp\is-E9Q19.tmp\DUMeter-Install.tmp => No File
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-10-22] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-10-22] (AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-10-04] (Google)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit)
ContextMenuHandlers1: [OODefrag] -> [CC]{48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers2: [OODefrag] -> [CC]{48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-10-22] (AVAST Software)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-10-04] (Google)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-01-31] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-10-22] (AVAST Software)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit)
ContextMenuHandlers6: [OODefrag] -> [CC]{48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => -> No File
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1_S-1-5-21-385729116-3703201098-1527315605-1000: [DropboxExt] -> [CC]{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => -> No File
ContextMenuHandlers5_S-1-5-21-385729116-3703201098-1527315605-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01EB063A-19F8-428C-A4C1-F90E18B538E0} - \httpnewsfor24smocomhotsmartsm -> No File <==== ATTENTION
Task: {03BA30EB-6AB5-4044-8186-7400D2F98AAE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-06] (Piriform Ltd)
Task: {06983716-7001-47A6-8ED1-D86F4D4F5188} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-10-22] (AVAST Software)
Task: {075351FB-2F9E-4784-B0EE-60FC31CD5AEC} - \{3FC65EF9-9158-4A54-91BF-7C9DE9B8618F} -> No File <==== ATTENTION
Task: {11B03A02-28EA-49B7-9554-8B17DF022532} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-10] (NVIDIA Corporation)
Task: {1B7871FF-5887-4025-9779-DFFC1A5849C8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-10-31] (AVAST Software)
Task: {380AE368-69A2-4EE6-A310-B77040305A99} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-01-10] (NVIDIA Corporation)
Task: {41E3D6C4-3D9B-4CFF-9302-38604E4198E1} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [2018-10-22] (Adobe Systems Incorporated)
Task: {4A89C20B-93E7-4A1D-A25C-357EEDCD6C9E} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation)
Task: {4FE1784D-91CE-4BDE-B6E3-29CE7ED41083} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-01-10] (NVIDIA Corporation)
Task: {5633A4B0-58B8-41DB-87E5-21691F7E37E9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-01-18] (Google Inc.)
Task: {61A25131-BC2F-4336-96C4-1B28E76F818E} - \{BB9D3ED9-7B80-4B5E-8736-BB7F43F74B5E} -> No File <==== ATTENTION
Task: {7C7F4BF1-8EE6-49AF-B365-686865ED4473} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
Task: {7D4677BD-98AD-400B-895B-B831076DFFE1} - System32\Tasks\{AA7C8680-1EE5-42AF-B7E7-760DC7128344} => C:\Windows\system32\pcalua.exe -a "C:\PROGRAM FILES\CONMET\ConMet.exe" -c /uninstall
Task: {B0131950-11EE-4940-98FE-7E50C92DA70F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {B10DB050-4E83-472D-8029-AF978D79B2F1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-01-10] (NVIDIA Corporation)
Task: {B55D2426-0CC9-4B12-81D2-8D505ED17B9D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-06] (Piriform Software Ltd)
Task: {C2CC99F0-94E2-449B-998C-00F9FDFC34E3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [2018-01-10] (NVIDIA Corporation)
Task: {C5EBE1B5-9099-4A0A-A716-527028F2EBFD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-22] (Adobe Systems Incorporated)
Task: {CFFB1575-F11D-4BB3-A133-995948A03CBB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [2018-01-10] (NVIDIA Corporation)
Task: {D33AA5D3-5B3B-400C-A6DC-964B03FDAFE0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-01-18] (Google Inc.)
Task: {E09B079E-0295-4577-AEA8-D628361422F1} - System32\Tasks\Nero\Nero Info => C:\Program Files\Common Files\Nero\Nero Info\NeroInfo.exe [2015-06-04] (Nero AG)
Task: {EF6F7AB9-ADDA-4831-A092-DA631839DD84} - System32\Tasks\Driver Booster SkipUAC (Mara) => C:\Program Files\IObit\Driver Booster\5.2.0\DriverBooster.exe
Task: {FE288029-E149-4797-B55A-30FB84FB472A} - System32\Tasks\Uninstaller_SkipUac_Mara => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2018-10-17] (IObit)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Mara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Samsung Galaxy Ace - Guide - Cygwin-Odin\Cygwin Terminal.lnk -> C:\cygwin\Cygwin.bat (No File)

ShortcutWithArgument: C:\Users\Mara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) ==============

2018-03-24 08:28 - 2015-01-31 01:48 - 000078480 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2018-10-22 15:17 - 2018-10-22 15:17 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-10-22 15:18 - 2018-10-22 15:18 - 000598232 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-11-13 10:36 - 2018-11-13 10:36 - 005718672 _____ () C:\Program Files\AVAST Software\Avast\defs\18111300\algo.dll
2018-10-22 15:17 - 2018-10-22 15:17 - 000496856 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-10-22 15:17 - 2018-10-22 15:17 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-10-22 15:17 - 2018-10-22 15:17 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-03-03 10:54 - 2018-01-10 15:05 - 001042280 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-01-17 18:14 - 2014-05-23 16:36 - 000847872 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
2017-01-17 18:14 - 2014-05-23 16:36 - 001411072 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2017-01-17 18:14 - 2014-05-23 16:36 - 000193024 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2017-01-17 18:14 - 2014-05-23 16:36 - 000137728 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll
2017-01-17 18:14 - 2014-05-23 16:36 - 000115712 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.DLL
2018-11-06 17:14 - 2018-11-06 17:14 - 000090576 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-03-17 15:50 - 2018-03-17 15:50 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-10-27 22:48 - 2018-05-02 16:42 - 000442128 _____ () C:\Program Files\IObit\IObit Uninstaller\madExcept_.bpl
2018-10-27 22:48 - 2018-05-02 16:42 - 000210704 _____ () C:\Program Files\IObit\IObit Uninstaller\madBasic_.bpl
2018-10-27 22:48 - 2018-05-02 16:42 - 000059664 _____ () C:\Program Files\IObit\IObit Uninstaller\madDisAsm_.bpl

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2018-11-13 12:27 - 000000040 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 validation.sls.microsoft.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-385729116-3703201098-1527315605-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mara\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeARMservice => 3
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: FsUsbExService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: IObitUnSvr => 2
MSCONFIG\Services: MonectServerService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: OODefragAgent => 2
MSCONFIG\Services: TrueKey => 2
MSCONFIG\Services: TrueKeyScheduler => 2
MSCONFIG\Services: TrueKeyServiceHelper => 3
MSCONFIG\Services: vncserver => 3
MSCONFIG\Services: WsAppService => 3
MSCONFIG\Services: WsDrvInst => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk => C:\Windows\pss\O&O Defrag Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SPDriverInstall.lnk => C:\Windows\pss\SPDriverInstall.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk => C:\Windows\pss\TMMonitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Universal Media Server.lnk => C:\Windows\pss\Universal Media Server.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Míša^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IPMSG for Win.lnk => C:\Windows\pss\IPMSG for Win.lnk.Startup
MSCONFIG\startupreg: AMP WinOFF => c:\program files\amp winoff\winoff.exe -quiet
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: AutoStartNPSAgent => C:\Users\Mara\samsung\NPSAgent.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: ConMet => C:\Program Files\ConMet\ConMet.exe
MSCONFIG\startupreg: Connectify Hotspot => C:\Program Files\Connectify\Connectify.exe autorun
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: Dropbox => "C:\Program Files\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: Free Download Manager => "C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe" --minimized
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: JetVoice => "C:\Users\Mara\Downloads\JETVOICE.EXE" AUTORUN
MSCONFIG\startupreg: KiesPDLR.exe => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Monitor => C:\Windows\PixArt\PAC207\Monitor.exe
MSCONFIG\startupreg: netmon.exe => C:\Program Files\netmon\netmon.exe
MSCONFIG\startupreg: NPSStartup =>
MSCONFIG\startupreg: OODefragTray => C:\Program Files\OO Software\Defrag\oodtray.exe
MSCONFIG\startupreg: PAC207_Monitor => C:\Windows\PixArt\PAC207\Monitor.exe
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: snpstd2 => C:\Windows\vsnpstd2.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{52D11CA5-B39F-4ABD-A1C0-16C94110A2F0}] => (Allow) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{F130144D-D6E0-4006-A26E-5BA7485BC874}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{02E69BAB-5D4A-4D4F-B1F5-BF0A5A05174C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{F63E1C48-939B-408B-A1DF-7A2B478F350C}C:\program files\ea games\need for speed underground 2\speed2.exe] => (Allow) C:\program files\ea games\need for speed underground 2\speed2.exe
FirewallRules: [UDP Query User{B72D020A-2346-4D2C-83C1-3BD302B0849C}C:\program files\ea games\need for speed underground 2\speed2.exe] => (Allow) C:\program files\ea games\need for speed underground 2\speed2.exe
FirewallRules: [TCP Query User{7060C3D0-DF5D-4350-9151-8C338CCFD52C}C:\program files\wondershare\mirrorgo\mirrorgo.exe] => (Allow) C:\program files\wondershare\mirrorgo\mirrorgo.exe
FirewallRules: [UDP Query User{066DC2FC-E788-467E-8218-E2C78DABEC7B}C:\program files\wondershare\mirrorgo\mirrorgo.exe] => (Allow) C:\program files\wondershare\mirrorgo\mirrorgo.exe
FirewallRules: [TCP Query User{E34F2320-5F11-4EB6-894A-74068BABE7D4}C:\program files\wondershare\mirrorgo\mirrorgo.exe] => (Allow) C:\program files\wondershare\mirrorgo\mirrorgo.exe
FirewallRules: [UDP Query User{7A58F333-A31F-408C-A81E-5B2849B87E2A}C:\program files\wondershare\mirrorgo\mirrorgo.exe] => (Allow) C:\program files\wondershare\mirrorgo\mirrorgo.exe
FirewallRules: [{2B750154-8AFB-446F-A2CE-7C119BD6A59D}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{619A0099-6652-4146-920F-5B8CE566C306}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{12336298-9BE9-47D2-AD56-A8EF93F5407A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F79423ED-882D-49E7-BD22-9DE9CCBF167D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{50663A96-9C01-44BD-A830-1E63DFEEEBD8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{CB52D2CA-9DAD-4BEA-9EAD-9C9A707883E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F8415E54-AB09-46D1-8685-AE3C325504D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{084618D0-6E79-4EF5-B876-621BBE6312D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AC59438F-53C5-4C7A-9FB9-57C727EB05BC}] => (Allow) C:\Program Files\Samsung\Kies\Kies.exe
FirewallRules: [{18579335-54F1-4D86-A885-86178EB3D130}] => (Allow) C:\Program Files\Samsung\Kies\Kies.exe
FirewallRules: [{F411102D-5357-4759-B100-B16F42EF495D}] => (Allow) C:\Program Files\Samsung\Kies\Kies.exe
FirewallRules: [{2346A297-3F02-4844-A408-DFEC88D7E110}] => (Allow) C:\Program Files\Samsung\Kies\Kies.exe
FirewallRules: [{C98325C9-4CE6-4CE5-AA44-39954578BAFE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{019EDEE0-9D51-4EE1-81DC-06869DEA9601}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{27E72474-735D-4A65-9AB3-31C9AB3A620C}C:\program files\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [UDP Query User{1CA05547-0023-449F-889D-58D710DB8243}C:\program files\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [TCP Query User{DE1A2F34-B26D-4691-9738-9F4FC442923C}C:\program files\pc remote receiver\pcremotereceiver.exe] => (Allow) C:\program files\pc remote receiver\pcremotereceiver.exe
FirewallRules: [UDP Query User{62D23E12-05C2-4F64-BEC9-FE1B007CFBFF}C:\program files\pc remote receiver\pcremotereceiver.exe] => (Allow) C:\program files\pc remote receiver\pcremotereceiver.exe
FirewallRules: [{BE6402FC-BB5A-4034-97BF-0B6DE45D79DD}] => (Allow) C:\Program Files\PC Remote Receiver\PCRemoteReceiver.exe
FirewallRules: [{EA7377AD-7240-42C2-820C-0D9CF461C5F5}] => (Allow) C:\Program Files\PC Remote Receiver\MonectMediaCenter.exe
FirewallRules: [TCP Query User{4E610039-47D4-4B46-BF1D-BBB6C4816A98}C:\@@@flash lg\flash lg\shttps\http.exe] => (Allow) C:\@@@flash lg\flash lg\shttps\http.exe
FirewallRules: [UDP Query User{569C2B59-9789-46DA-BA5F-9D47ABADD387}C:\@@@flash lg\flash lg\shttps\http.exe] => (Allow) C:\@@@flash lg\flash lg\shttps\http.exe
FirewallRules: [{259C3D7F-7A57-4D21-926D-74989160EB69}] => (Allow) C:\Users\Míša\AppData\Local\IPMsg\ipmsg.exe
FirewallRules: [{91B09CD3-E71C-4153-92E3-BD35C58260EA}] => (Allow) C:\Users\Míša\AppData\Local\IPMsg\ipmsg.exe
FirewallRules: [TCP Query User{69202BBD-57D5-41C7-9827-CCC3EF5EA577}C:\users\míša\appdata\local\ipmsg\ipmsg.exe] => (Block) C:\users\míša\appdata\local\ipmsg\ipmsg.exe
FirewallRules: [UDP Query User{1C1247CB-DF5E-4378-96AB-4C379953763E}C:\users\míša\appdata\local\ipmsg\ipmsg.exe] => (Block) C:\users\míša\appdata\local\ipmsg\ipmsg.exe
FirewallRules: [{BC3D99CE-60D9-4094-92F7-25E286B9F01C}] => (Allow) C:\KMPlayer\KMPlayer.exe
FirewallRules: [{C9376C76-F28B-4751-AE50-B7E981EBBE51}] => (Allow) C:\KMPlayer\KMPlayer.exe
FirewallRules: [{3CCB845A-22D6-47E7-8A48-F578F496E636}] => (Allow) C:\KMPlayer\KMPlayer.exe
FirewallRules: [{7813CB46-892C-43B7-A7DE-4BFFF5DD187E}] => (Allow) C:\KMPlayer\KMPlayer.exe
FirewallRules: [{045597AB-BC31-4086-9738-68901260D04E}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{83704968-63DB-40CE-8F0B-A7FC3F23B59E}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{439CDB3B-FF39-4C6D-80FA-984A47D0705E}] => (Allow) C:\Program Files\Nero\KM\NMDllHost.exe
FirewallRules: [{0A30441A-4172-4841-8C65-90E8677BD08D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{3BA9D126-48D5-4572-A87C-81F3ACC480F8}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [TCP Query User{4EDF49FA-23AB-4012-882B-59596695A79F}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{39776C57-FD31-4874-86C5-C9BF5DC9602B}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{FCF3A783-E74D-4AA7-9335-02F9B924CABD}C:\users\mara\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\mara\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{049E07E1-240F-4A40-BF44-12372510FB39}C:\users\mara\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\mara\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{C22C9649-C17A-4162-AF10-823807EF7834}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{15D71E31-A6E6-4244-99C2-6C7FDE3B5BD5}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{403D75C1-D58D-49C8-8B2C-3E3CC13DFFD1}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{7D9D1B90-10B9-4BD5-8068-AC3F123B0A45}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{EFEBFAAB-4089-428D-AF12-6130C47EB7C5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{41605CE4-8395-4E0A-9778-7CCF2128BEAB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{D8CF901B-C1A2-4B6B-B36D-52DDCF779BF6}C:\program files\soundwire server\soundwireserver.exe] => (Allow) C:\program files\soundwire server\soundwireserver.exe
FirewallRules: [UDP Query User{50161135-918D-4EE4-9E56-48276BE86527}C:\program files\soundwire server\soundwireserver.exe] => (Allow) C:\program files\soundwire server\soundwireserver.exe
FirewallRules: [{E8A61926-AFFE-46BD-8A80-8CDF4750A170}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{EA9A4493-5387-4ED7-B908-DE216E428DFD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{BD6977B3-8AEE-4AD6-9F60-04509FD3D833}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{7280A26E-182F-4BA1-8D07-92A06369C176}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{C0AFE950-6D75-4BA7-9E2A-15CB060EC88C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

==================== Restore Points =========================

13-11-2018 14:10:43 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices =============

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Intel(R) 82566DC – gigabitové síťové připojení
Description: Intel(R) 82566DC – gigabitové síťové připojení
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: e1express
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Myš Microsoft pro port PS/2
Description: Myš Microsoft pro port PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/13/2018 01:27:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Windows\System32\systemcpl.dll se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="&#x2a;",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/13/2018 12:29:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Windows\System32\systemcpl.dll se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="&#x2a;",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/13/2018 12:27:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: w7lxe.exe, verze: 3.5.0.3, časové razítko: 0x4bf75677
Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdadb
Kód výjimky: 0xc0000005
Posun chyby: 0x00055581
ID chybujícího procesu: 0xf9c
Čas spuštění chybující aplikace: 0x01d47b43c48f98ed
Cesta k chybující aplikaci: C:\Users\Mara\Downloads\Nové\Win 7 Activator\Activator\w7lxe.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 1331003d-e737-11e8-8615-a52ab1c85456

Error: (11/13/2018 11:52:03 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Windows\System32\systemcpl.dll se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="&#x2a;",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/13/2018 10:44:27 AM) (Source: W3SVC-WP) (EventID: 2280) (User: )
Description: Dynamickou knihovnu C:\Windows\System32\inetsrv\cachuri.dll modulu se nepodařilo načíst. Data obsahují chybu.

Error: (11/13/2018 10:44:26 AM) (Source: W3SVC-WP) (EventID: 2280) (User: )
Description: Dynamickou knihovnu C:\Windows\System32\inetsrv\cachuri.dll modulu se nepodařilo načíst. Data obsahují chybu.

Error: (11/13/2018 10:44:25 AM) (Source: W3SVC-WP) (EventID: 2280) (User: )
Description: Dynamickou knihovnu C:\Windows\System32\inetsrv\cachuri.dll modulu se nepodařilo načíst. Data obsahují chybu.

Error: (11/13/2018 10:44:24 AM) (Source: W3SVC-WP) (EventID: 2280) (User: )
Description: Dynamickou knihovnu C:\Windows\System32\inetsrv\cachuri.dll modulu se nepodařilo načíst. Data obsahují chybu.


System errors:
=============
Error: (11/13/2018 02:15:47 PM) (Source: Microsoft-Windows-Service Pack Installer) (EventID: 8) (User: MARAHOME)
Description: Instalace aktualizace Service Pack skončila s kódem chyby 0x800f0a13.

Error: (11/13/2018 01:16:49 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
Ext2Fsd

Error: (11/13/2018 01:16:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/13/2018 12:37:23 PM) (Source: Microsoft-Windows-Service Pack Installer) (EventID: 8) (User: MARAHOME)
Description: Instalace aktualizace Service Pack skončila s kódem chyby 0x800f0a13.

Error: (11/13/2018 12:22:21 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
Ext2Fsd

Error: (11/13/2018 12:22:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/13/2018 11:49:59 AM) (Source: Microsoft-Windows-Service Pack Installer) (EventID: 8) (User: MARAHOME)
Description: Instalace aktualizace Service Pack skončila s kódem chyby 0x800f0a13.

Error: (11/13/2018 10:44:28 AM) (Source: WAS) (EventID: 5002) (User: )
Description: Fond aplikací DefaultAppPool bude automaticky zakázán z důvodu řady chyb v procesech obsluhujících daný fond aplikací.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E7200 @ 2.53GHz
Percentage of memory in use: 71%
Total physical RAM: 3069.61 MB
Available physical RAM: 878.39 MB
Total Virtual: 5067.89 MB
Available Virtual: 2750.05 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:39.28 GB) (Free:1.52 GB) NTFS
Drive z: (Zaloha) (Fixed) (Total:2.14 GB) (Free:0.39 GB) NTFS

\\?\Volume{41c3a6b9-dcce-11e6-a77a-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 74.5 GB) (Disk ID: 1BDD5CA0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=39.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=35.2 GB) - (Type=0F Extended)

==================== End of Addition.txt ============================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15196
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosim o kontrolu..(jestli vycistit nebo reinstall)

#5 Příspěvek od JaRon »

Pri tej hlaske staci dat dalsi
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

hoblik007
Návštěvník
Návštěvník
Příspěvky: 66
Registrován: 21 čer 2005 21:03
Bydliště: Olomouc
Kontaktovat uživatele:

Re: Prosim o kontrolu..(jestli vycistit nebo reinstall)

#6 Příspěvek od hoblik007 »

Omlouvam se...spletl jsem se..
Tohle je vončo:

Kód: Vybrat vše

https://drive.google.com/file/d/12QzRsjkeCaaSTOHdyNlGggv0_L71tZt5/view?usp=sharing

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15196
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosim o kontrolu..(jestli vycistit nebo reinstall)

#7 Příspěvek od JaRon »

Spust s prikazoveho riadku sfc/scannow
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

hoblik007
Návštěvník
Návštěvník
Příspěvky: 66
Registrován: 21 čer 2005 21:03
Bydliště: Olomouc
Kontaktovat uživatele:

Re: Prosim o kontrolu..(jestli vycistit nebo reinstall)

#8 Příspěvek od hoblik007 »

Po tomto pořád stejná hláška viz screen co jsem dával... :(

hoblik007
Návštěvník
Návštěvník
Příspěvky: 66
Registrován: 21 čer 2005 21:03
Bydliště: Olomouc
Kontaktovat uživatele:

Re: Prosim o kontrolu..(jestli vycistit nebo reinstall)

#9 Příspěvek od hoblik007 »

Ještě nějaká rada prosim?

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15196
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosim o kontrolu..(jestli vycistit nebo reinstall)

#10 Příspěvek od JaRon »

Vidim to na reinstall
Doporucujem NIKDY neinstalovat do PC produkty IOBit ako ASC
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosim o kontrolu..(jestli vycistit nebo reinstall)

#11 Příspěvek od Conder »

Pardon za vstup, ak si este nedal reinstall, tak mozme este nieco skusit :)

Co sa vypise v prikazovom riadku, ak spusits prikaz "sfc /scannow"?

Ten druhy screenshot nie je verejny, prosim, nahraj ho do prilohy.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Odpovědět