Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o preventivní kontrolu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
T72
Návštěvník
Návštěvník
Příspěvky: 78
Registrován: 02 lis 2011 18:31

Prosím o preventivní kontrolu

#1 Příspěvek od T72 »

Děkuji předem

Logfile of random's system information tool 1.10 (written by random/random)
Run by PC at 2018-12-08 21:03:40
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 51 GB (32%) free of 160 GB
Total RAM: 3326 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:03:43, on 8.12.2018
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16845)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\PC\Downloads\RSIT.exe
C:\Program Files\trend micro\PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvLaunch.exe" /gui
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "D:\Program Files\RivaTuner v2.23\RivaTunerWrapper.exe" /S
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.8.0_111\bin\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Google Update] C:\Users\PC\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Action! service (ACTION_SVC) - Unknown owner - C:\Program Files\Mirillis\Action!\action_svc.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\Alwil Software\Avast5\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Unknown owner - C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HuaweiHiSuiteService.exe - Unknown owner - C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe

--
End of file - 4872 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 28.0.0.126 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_28_0_0_126.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1231201.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@caminova.com/DjVuPlugin]
"Description"=Document Express DjVu Plug-in
"Path"=C:\Program Files\Caminova\Document Express DjVu Plug-in\npdjvu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.144.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.144.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2897]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=D:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2955]
"Description"=RealJukebox Netscape Plugin
"Path"=D:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1675]
"Description"=6.0.12.1675
"Path"=D:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\components\
nppl3260.xpt
nsIQTScriptablePlugin.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
NPOFFICE.DLL
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpjplug.dll
QuickTimePlugin.class

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-08-16 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-16 187968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [2018-11-19 242392]
"RivaTunerStartupDaemon"=D:\Program Files\RivaTuner v2.23\RivaTunerWrapper.exe [2009-02-15 24576]
"DivXMediaServer"=C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [2017-05-16 1047000]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.8.0_111\bin\jusched.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"Google Update"=C:\Users\PC\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [2018-11-26 601680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [2017-05-16 1047000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMBVolumeWatcher]
C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2016-06-24 2724896]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.lhacm"=lhacm.acm
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=AC3ACM.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"msacm.ac3filter"=ac3filter.acm
"VIDC.FICV"=ficvdec_x86.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"vidc.XVID"=xvidvfw.dll
"msacm.avis"=ff_acm.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.txt - open - "D:\Program Files\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 month======

2018-12-08 20:58:17 ----D---- C:\rsit
2018-11-19 20:12:57 ----A---- C:\Windows\system32\aswBoot.exe

======List of files/folders modified in the last 1 month======

2018-12-08 21:03:40 ----D---- C:\Program Files\trend micro
2018-12-08 21:03:38 ----D---- C:\Windows\temp
2018-12-08 21:03:26 ----D---- C:\Windows\Prefetch
2018-12-08 20:41:55 ----D---- C:\ProgramData\NVIDIA
2018-12-07 10:58:28 ----SHD---- C:\System Volume Information
2018-12-06 17:31:14 ----D---- C:\Windows\system32\drivers
2018-12-06 14:36:15 ----D---- C:\Windows\inf
2018-12-03 18:53:51 ----D---- C:\Windows\SoftwareDistribution
2018-11-19 20:13:27 ----D---- C:\Windows\system32\Tasks
2018-11-19 20:12:57 ----D---- C:\Windows\System32
2018-11-16 20:22:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-11-16 20:18:58 ----D---- C:\Users\PC\AppData\Roaming\vlc
2018-11-13 12:05:25 ----D---- C:\Windows\system32\CatRoot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2018-11-19 165384]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2018-11-19 284256]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2018-11-19 57904]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-11-19 72800]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-11-19 310200]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-10-29 721904]
R1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys [2002-07-17 16877]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-11-19 167480]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2018-11-19 188976]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-11-27 183176]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2018-11-19 40688]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2018-11-19 70640]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-11-19 784560]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-11-19 397992]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-11-19 135200]
R3 aswStmXP;aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [2018-11-19 146584]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-02-25 8939296]
R3 RivaTuner32;RivaTuner32; \??\D:\Program Files\RivaTuner v2.23\RivaTuner32.sys [2009-02-15 9088]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-02-14 118784]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys []
S3 a2ggfu5g;a2ggfu5g; C:\Windows\system32\drivers\a2ggfu5g.sys []
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-11-19 42736]
S3 cpuz138;cpuz138; \??\C:\Users\PC\AppData\Local\Temp\cpuz138\cpuz138_x32.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2017-03-18 26168]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2017-03-18 40504]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2009-12-09 16608]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-06-27 2149912]
S3 MBAMWebProtection;MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [2017-11-18 65312]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 WinUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 34944]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2018-11-19 324000]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HuaweiHiSuiteService.exe;HuaweiHiSuiteService.exe; C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe [2017-07-26 155848]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 639776]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2016-06-24 506912]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R2 WsAppService;Wondershare Application Framework Service; C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe [2015-12-02 382464]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [2018-11-19 6799632]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-11-29 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
S3 ACTION_SVC;Action! service; C:\Program Files\Mirillis\Action!\action_svc.exe [2014-10-25 16064]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-08-07 4430792]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2018-06-26 174032]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2016-11-29 25808]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2016-11-29 45752]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2016-11-29 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2016-11-29 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2016-11-29 135848]

-----------------EOF-----------------

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o preventivní kontrolu

#2 Příspěvek od Conder »

:arrow: Na zaciatok by som chcel upozornit, ze pre system Windows Vista skoncila podpora s bezpecnostnymi aktualizaciami v roku 2017. Takisto aj prehliadace Chrome a Firefox ukoncili Windows Vista (sice Firefox len relativne nedavno - 09/2018). Pouzivanie neaktualizovaneho systemu alebo prehliadacov je riziko (najma ak je pripojeny k internetu), kedze system obsahuje verejne zname a neopravene bezpecnostne chyby, ktore mozu ulahcit napadnutie roznym malwarom.

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

T72
Návštěvník
Návštěvník
Příspěvky: 78
Registrován: 02 lis 2011 18:31

Re: Prosím o preventivní kontrolu

#3 Příspěvek od T72 »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.5.0
# -------------------------------
# Build: 11-26-2018
# Database: 2018-12-07.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-09-2018
# Duration: 00:00:01
# OS: Windows Vista (TM) Home Premium
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1266 octets] - [04/11/2018 18:27:38]
AdwCleaner[S01].txt - [1327 octets] - [09/12/2018 21:30:17]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o preventivní kontrolu

#4 Příspěvek od Conder »

:arrow: Poprosim o obidva logy z FRST (FRST.txt a Addition.txt) podla tohto navodu: https://forum.viry.cz/viewtopic.php?f=13&t=154679
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

T72
Návštěvník
Návštěvník
Příspěvky: 78
Registrován: 02 lis 2011 18:31

Re: Prosím o preventivní kontrolu

#5 Příspěvek od T72 »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09.12.2018
Ran by PC (administrator) on PC-PC (12-12-2018 22:02:26)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC & UpdatusUser)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
() C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Wondershare) C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [242392 2018-11-19] (AVAST Software)
HKLM\...\Run: [RivaTunerStartupDaemon] => D:\Program Files\RivaTuner v2.23\RivaTunerWrapper.exe [24576 2009-02-15] ()
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [1047000 2017-05-16] (DivX, LLC)
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Java\jre1.8.0_111\bin\jusched.exe"
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\...\Run: [Google Update] => C:\Users\PC\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-11-26] (Google Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B19EC0B2-43B3-4952-AFBD-6CF03A6FDE28}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{C51ECA95-90CD-4287-8E92-25866C0571FB}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-08-16] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-16] (Oracle Corporation)
DPF: {CAFEEFAC-0018-0000-00111-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_111-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592 [2018-12-12]
FF Homepage: Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592 -> hxxps://www.seznam.cz/
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\Extensions\sp@avast.com.xpi [2018-11-15]
FF Extension: (TinEye Reverse Image Search) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\Extensions\tineye@ideeinc.com.xpi [2018-10-06]
FF Extension: (Avast Online Security) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\Extensions\wrc@avast.com.xpi [2018-11-21]
FF Extension: (NoSquint Plus) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\Extensions\zoomlevelplus@zoomlevelplus.net.xpi [2017-11-11]
FF Extension: (Vývojové sestavení Adblock Plus) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w2b5fv7q.default-1444136383592\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-12-04]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-01-29] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_28_0_0_126.dll [2018-01-04] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.)
FF Plugin: @caminova.com/DjVuPlugin -> C:\Program Files\Caminova\Document Express DjVu Plug-in\npdjvu.dll [2013-06-03] (Caminova, Inc.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2017-05-15] (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-16] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2897 -> D:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2009-09-13] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2955 -> D:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2009-09-13] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1675 -> D:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [2009-09-13] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1484727336-25265518-3277325258-1000: @tools.google.com/Google Update;version=3 -> C:\Users\PC\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-11-26] (Google Inc.)
FF Plugin HKU\S-1-5-21-1484727336-25265518-3277325258-1000: @tools.google.com/Google Update;version=9 -> C:\Users\PC\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-11-26] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2018-12-07]
CHR Extension: (Seznam doplněk - Email) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-12-07]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-12-07]
CHR Extension: (Allavsoft video downloader converter) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhancbnhabhandieicagelcddkdfgoif [2016-07-14]
CHR Extension: (Tampermonkey) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-10-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-11]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-12-07]
CHR HKLM\...\Chrome\Extension: [dhancbnhabhandieicagelcddkdfgoif] - D:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.11.7.6009\BVDChromeExt.crx [2016-06-24]
StartMenuInternet: Google Chrome.434FZJ5JWZ52LJLD7DSFOJOJHM - C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe

Opera:
=======
OPR StartupUrls: "hxxp://seznam.cz/"

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACTION_SVC; C:\Program Files\Mirillis\Action!\action_svc.exe [16064 2014-10-25] ()
S3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [6799632 2018-11-19] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [324000 2018-11-19] (AVAST Software)
R2 HuaweiHiSuiteService.exe; C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe [155848 2017-07-26] ()
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4430792 2017-08-07] (Malwarebytes)
R2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [506912 2016-06-24] (Sony Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe [382464 2015-12-02] (Wondershare) [File not signed]
S3 AvastVBoxSvc; "C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ASPI32; C:\Windows\system32\Drivers\ASPI32.sys [16877 2002-07-17] (Adaptec)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167480 2018-11-19] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [188976 2018-11-19] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [165384 2018-11-19] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [284256 2018-11-19] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [57904 2018-11-19] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [183176 2018-11-27] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42736 2018-11-19] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2018-11-19] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [135200 2018-11-19] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr.sys [70640 2018-11-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2018-11-19] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784560 2018-11-19] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [397992 2018-11-19] (AVAST Software)
R3 aswStmXP; C:\Windows\System32\drivers\aswStmXP.sys [146584 2018-11-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310200 2018-11-19] (AVAST Software)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2017-03-18] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2017-03-18] (Disc Soft Ltd)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 gdrv; C:\Windows\gdrv.sys [16608 2009-12-09] (Windows (R) 2000 DDK provider)
S3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [65312 2017-11-18] (Malwarebytes)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R3 RivaTuner32; D:\Program Files\RivaTuner v2.23\RivaTuner32.sys [9088 2009-02-15] () [File not signed]
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [106208 2009-03-25] (MCCI Corporation) [File not signed]
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [104744 2009-03-25] (MCCI Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [721904 2009-10-29] ()
S3 cpuz138; \??\C:\Users\PC\AppData\Local\Temp\cpuz138\cpuz138_x32.sys [X] <==== ATTENTION
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2017-07-26] (Huawei Technologies Co., Ltd.)
S2 VBoxAswDrv; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [X]
U3 avdijsm2; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-12 22:01 - 2018-12-12 22:01 - 000000000 ___HD C:\$AV_ASW
2018-12-12 22:00 - 2018-12-12 22:02 - 000015586 _____ C:\Users\PC\Desktop\FRST.txt
2018-12-12 22:00 - 2018-12-12 22:00 - 000000000 ____D C:\FRST
2018-12-12 21:59 - 2018-12-12 21:59 - 001776640 _____ (Farbar) C:\Users\PC\Desktop\FRST.exe
2018-12-09 21:29 - 2018-12-09 21:29 - 007321808 _____ (Malwarebytes) C:\Users\PC\Desktop\adwcleaner_7.2.5.0.exe
2018-12-08 20:58 - 2018-12-08 20:59 - 000000000 ____D C:\rsit
2018-12-08 20:57 - 2018-12-08 20:58 - 001107968 _____ C:\Users\PC\Downloads\RSIT.exe
2018-12-04 21:43 - 2018-12-04 21:43 - 000081671 _____ C:\Users\PC\Downloads\Kupní smlouva - FOCUS.pdf
2018-11-24 14:21 - 2018-11-24 14:21 - 000077390 _____ C:\Users\PC\Downloads\SMLOUVA o smlouvě budoucí FORD.pdf
2018-11-19 20:12 - 2018-11-19 20:12 - 000323288 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-11-14 22:10 - 2018-11-14 22:10 - 000294984 _____ C:\Users\PC\Downloads\repove-brownies-bez-mouky-51494.htm
2018-11-13 15:38 - 2018-11-13 17:05 - 1556148758 _____ C:\Users\PC\Downloads\Pořád jsem to já.2014.DVDRip.Drama.USA.CZ Dabing.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-12 22:00 - 2016-11-17 22:11 - 000000000 ____D C:\Users\PC\AppData\LocalLow\Mozilla
2018-12-12 21:09 - 2018-07-17 14:14 - 000000000 ____D C:\Users\PC\AppData\Local\AVAST Software
2018-12-12 21:06 - 2009-05-20 18:27 - 000000000 ____D C:\ProgramData\NVIDIA
2018-12-12 21:06 - 2006-11-02 14:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-12-12 21:06 - 2006-11-02 13:47 - 000003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2018-12-12 21:06 - 2006-11-02 13:47 - 000003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2018-12-12 20:28 - 2006-11-02 14:01 - 000032626 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-12-08 21:03 - 2012-01-30 16:05 - 000000000 ____D C:\Program Files\trend micro
2018-12-06 14:36 - 2006-11-02 12:18 - 000000000 ____D C:\Windows\inf
2018-12-04 09:54 - 2014-07-14 07:17 - 000000000 ____D C:\Users\PC\Documents\arma1
2018-11-27 09:40 - 2018-01-04 18:18 - 000183176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-11-19 20:12 - 2017-11-16 16:29 - 000167480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-11-19 20:12 - 2017-03-07 17:45 - 000284256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblogx.sys
2018-11-19 20:12 - 2017-03-07 17:45 - 000188976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2018-11-19 20:12 - 2017-03-07 17:45 - 000165384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidshx.sys
2018-11-19 20:12 - 2017-03-07 17:45 - 000057904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbunivx.sys
2018-11-19 20:12 - 2016-05-03 19:58 - 000146584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2018-11-19 20:12 - 2016-05-03 19:58 - 000040688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2018-11-19 20:12 - 2014-05-06 15:16 - 000042736 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-11-19 20:12 - 2013-03-15 14:35 - 000310200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-11-19 20:12 - 2013-03-15 14:35 - 000072800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-11-19 20:12 - 2011-03-03 16:01 - 000784560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-11-19 20:12 - 2009-05-20 20:55 - 000397992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-11-19 20:12 - 2009-05-20 20:55 - 000135200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-11-19 20:12 - 2009-05-20 20:55 - 000070640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2018-11-16 20:23 - 2009-06-27 19:44 - 000230912 _____ C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-11-16 20:22 - 2008-01-21 07:47 - 001532794 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-16 20:22 - 2008-01-21 07:46 - 000645070 _____ C:\Windows\system32\perfh005.dat
2018-11-16 20:22 - 2008-01-21 07:46 - 000137740 _____ C:\Windows\system32\perfc005.dat
2018-11-16 20:18 - 2013-10-30 14:44 - 000000000 ____D C:\Users\PC\AppData\Roaming\vlc

==================== Files in the root of some directories =======

2011-05-23 18:10 - 2012-09-06 09:52 - 000000132 _____ () C:\Users\PC\AppData\Roaming\Adobe PNG Format CS5 Prefs
2011-04-13 12:47 - 2012-09-06 11:41 - 000114688 _____ () C:\Users\PC\AppData\Roaming\fontdb.mdb
2013-12-06 15:57 - 2016-02-04 20:35 - 000087608 _____ () C:\Users\PC\AppData\Roaming\inst.exe
2012-02-14 15:51 - 2016-02-04 20:35 - 000007887 _____ () C:\Users\PC\AppData\Roaming\pcouffin.cat
2012-02-14 15:51 - 2016-02-04 20:35 - 000001144 _____ () C:\Users\PC\AppData\Roaming\pcouffin.inf
2012-02-14 15:51 - 2016-02-04 20:35 - 000000055 _____ () C:\Users\PC\AppData\Roaming\pcouffin.log
2012-02-14 15:51 - 2016-02-04 20:35 - 000047360 _____ (VSO Software) C:\Users\PC\AppData\Roaming\pcouffin.sys
2009-05-20 17:43 - 2018-02-07 13:42 - 000007916 _____ () C:\Users\PC\AppData\Local\d3d9caps.dat
2009-06-27 19:44 - 2018-11-16 20:23 - 000230912 _____ () C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-05-07 21:31 - 2018-05-07 21:31 - 000029696 _____ () C:\Users\PC\AppData\Local\MSGBOX.EXE
2011-09-30 12:37 - 2011-09-30 12:38 - 000000000 _____ () C:\Users\PC\AppData\Local\{573435C1-A685-4840-9E50-A8728DBEEF48}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-12-12 21:12

==================== End of FRST.txt ============================



Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09.12.2018
Ran by PC (12-12-2018 22:02:53)
Running from C:\Users\PC\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2009-05-20 15:42:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1484727336-25265518-3277325258-500 - Administrator - Disabled)
Guest (S-1-5-21-1484727336-25265518-3277325258-501 - Limited - Disabled)
PC (S-1-5-21-1484727336-25265518-3277325258-1000 - Administrator - Enabled) => C:\Users\PC
UpdatusUser (S-1-5-21-1484727336-25265518-3277325258-1006 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

. . . (HKLM\...\{C01175B6-6575-4526-A55B-2BC2F10BA083}) (Version: 2.7.2.4 - Intel) Hidden
4K Video Downloader 4.1 (HKLM\...\4K Video Downloader_is1) (Version: 4.1.2.2075 - Open Media LLC)
7-Zip 16.04 (HKLM\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
7-Zip 9.22beta (HKLM\...\7-Zip) (Version: - )
AC3Filter 1.63b (HKLM\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
Addon-y (HKLM\...\Addon-y) (Version: - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
Aktualizace NVIDIA 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Allavsoft 3.11.7.6009 (HKLM\...\{6EBED4D8-13D9-4270-8D44-B57DDB7A787C}_is1) (Version: - Allavsoft Corporation)
ARMA 2 Operation Arrowhead Uninstall (HKLM\...\ARMA 2 Operation Arrowhead) (Version: - )
ArmA 2 Uninstall (HKLM\...\ArmA 2) (Version: - )
Arma Cold War Assault Uninstall (HKLM\...\Arma Cold War Assault) (Version: - )
ArmA Edit (HKLM\...\{6997644B-5E1C-453A-82E8-7DBAA4DD41F9}) (Version: 1.3.4000 - CHSoftware)
ArmA Uninstall (HKLM\...\ArmA) (Version: - )
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
Battlefield 2(TM) Demo (HKLM\...\{8BECF123-B0EF-4E51-B7F3-923EFE15CC4A}) (Version: - )
BINview (HKLM\...\BINview) (Version: 1.0 - the Chain of Command)
Brain Workshop 4.8.4 (HKLM\...\Brain Workshop_is1) (Version: 4.8.4 - Paul Hoskinson & Jonathan Toomim)
calibre (HKLM\...\{5E07DBE4-E35F-4FF5-9944-0CA6D0A2704C}) (Version: 3.9.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CoreAAC Audio Decoder (remove only) (HKLM\...\CoreAAC Audio Decoder) (Version: - )
Counter-Strike 1.6 (HKLM\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - )
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
CrystalDiskInfo 7.0.5 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.0.5 - Crystal Dew World)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
DivX Setup (HKLM\...\DivX Setup) (Version: 3.0.0.224 - DivX, LLC)
Document Express DjVu Plug-in (HKLM\...\{2E8C03EC-E09F-4868-A4AC-02B9285D3E09}) (Version: 6.1.31831 - Caminova, Inc.)
Dropbox (HKU\S-1-5-21-1484727336-25265518-3277325258-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
ffdshow [rev 3299] [2010-03-03] (HKLM\...\ffdshow_is1) (Version: 1.0.0.3299 - )
Fraps (remove only) (HKLM\...\Fraps) (Version: - )
GIMP 2.6.11 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Earth Pro (HKLM\...\{BF354C72-AC4C-4A87-8D42-B089862BAE58}) (Version: 7.3.2.5491 - Google)
Google Chrome (HKU\S-1-5-21-1484727336-25265518-3277325258-1000\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Haali Media Splitter (HKLM\...\HaaliMkx) (Version: - )
HiSuite (HKLM\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
HP Deskjet 3540 series Nápověda (HKLM\...\{13EFEB9B-FB50-40C6-9F18-C3F38AAE81D1}) (Version: 30.0.0 - Hewlett Packard)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
ImageMagick 6.9.3-0 Q16 (32-bit) (2016-01-02) (HKLM\...\ImageMagick 6.9.3 Q16 (32-bit)_is1) (Version: 6.9.3 - ImageMagick Studio LLC)
InfraRecorder (HKLM\...\InfraRecorder) (Version: - Christian Kindahl)
Intel® Driver Update Utility (HKLM\...\{954190cd-c66c-4650-bd15-f3dd85f2ae15}) (Version: 2.7.2.4 - Intel)
Java 8 Update 111 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 121 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 131 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 144 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
K-Lite Codec Pack 6.9.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 6.9.0 - )
KProbe 2.5.2 (HKLM\...\KProbe) (Version: - )
Malwarebytes verze 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
MergeModule_x86 (HKLM\...\{DD7721BB-CF1C-4DC9-AD87-8D5FB75413B7}) (Version: 9.3.00 - Sony Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.6 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Office FrontPage 2003 (HKLM\...\{90170405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 52.9.0 ESR (x86 cs) (HKLM\...\Mozilla Firefox 52.9.0 ESR (x86 cs)) (Version: 52.9.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.9.0.6746 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM\...\{45B3A3BD-F90D-48FE-A147-D74878A51029}) (Version: 7.03.0920 - Nero AG)
NETCommOCX (HKLM\...\NETCommOCX) (Version: - )
Network Stumbler 0.4.0 (remove only) (HKLM\...\Network Stumbler) (Version: - )
NVIDIA Ovladač 3D Vision 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{B83FC356-B7C0-441F-8A4D-D71E088E7974}) (Version: 9.09.0428 - NVIDIA Corporation)
Obaly (HKLM\...\Obaly) (Version: - )
OpenAL (HKLM\...\OpenAL) (Version: - )
OpenOffice.org 3.0 (HKLM\...\{BE8BE32F-F595-4693-9F82-1E0A5A047BB6}) (Version: 3.0.9358 - OpenOffice.org)
Opera Stable 36.0.2130.80 (HKLM\...\Opera 36.0.2130.80) (Version: 36.0.2130.80 - Opera Software)
Operation Flashpoint uninstall (HKLM\...\Operation Flashpoint) (Version: - )
Ovládací panel NVIDIA 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 311.06 - NVIDIA Corporation) Hidden
PDF Settings CS5 (HKLM\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PlayMemories Home (HKLM\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 5.2.01.06240 - Sony Corporation)
PMB_ModeEditor (HKLM\...\{D5318740-B088-4B1A-B6A8-1F90A172CCD1}) (Version: 9.3.00 - Sony Corporation) Hidden
PMB_ServiceUploader (HKLM\...\{E7FDF11C-12BB-4D6F-9B6D-F8E488C776DC}) (Version: 10.2.01 - Sony Corporation) Hidden
PSPad editor (HKLM\...\PSPad editor_is1) (Version: - Jan Fiala)
Qualcomm USB Drivers For Windows (HKLM\...\{D9FB7F91-9687-4B09-894D-072903CADEA4}) (Version: 1.00.25 - QUALCOMM Incorporated)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Real Alternative 1.7.5 (HKLM\...\RealAlt_is1) (Version: 1.7.5 - )
RealPlayer (HKLM\...\RealPlayer 6.0) (Version: - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5653 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
RivaTuner v2.23 (HKLM\...\RivaTuner) (Version: v2.23 - Alexey Nicolaychuk)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
ScanSoft OmniPage SE 4 (HKLM\...\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}) (Version: 15.2.0020 - Nuance Communications, Inc.)
Segoe UI (HKLM\...\{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}) (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Skype™ 7.36 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.150 - Skype Technologies S.A.)
Smart Game Booster 4 (HKLM\...\Smart Game Booster_is1) (Version: 4.0.0 - Smart Game Booster)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM\...\{E5F05232-96B6-4552-A480-785A60A94B21}) (Version: 5.0.6.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TmNationsForever Update 2010-03-15 (HKLM\...\TmNationsForever_is1) (Version: - Nadeo)
TopStyle Lite (Version 3) (HKLM\...\TopStyle Lite (Version 3.0)) (Version: - )
TopStyle Lite (Version 3) (HKLM\...\TSLite3_is1) (Version: - )
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.50a - Ghisler Software GmbH)
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VSO ConvertXToDVD (HKLM\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.33 - VSO-Software SARL)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Updates Downloader (HKLM\...\Windows Updates Downloader) (Version: 2.50 Build 1002 - Supremus Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
winSPMBT (HKU\S-1-5-21-1484727336-25265518-3277325258-1000\...\winSPMBT) (Version: - )
Xvid 1.2.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
YTD (pepak) (HKLM\...\YTD_Pepak) (Version: - )
Základní software zařízení HP Deskjet 3540 series (HKLM\...\{F7CDA8AA-403B-4520-84C4-224C7438D66C}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> C:\Program Files\7-Zip\7-zip.dll (Igor Pavlov)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}\InprocServer32 -> C:\Program Files\Alwil Software\Avast5\ashShell.dll (AVAST Software)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{47E792CF-0BBE-4F7A-859C-194B0768650A}\InprocServer32 -> D:\Program Files\K-Lite Codec Pack\Filters\FLVSplitter.ax (MPC-HC Team)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{79EAC9E2-BAF9-11CE-8C82-00AA004BA90B}\InprocServer32 -> C:\Windows\system32\urlmon.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServer32 -> C:\Windows\system32\urlmon.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> C:\Windows\system32\actxprxy.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.32.7\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{D1FE6762-FC48-11D0-883A-3C8B00C10000}\InprocServer32 -> C:\Windows\system32\Dxtrans.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{D3D9D58B-45B5-48AB-B199-B8C40560AEC7}\InprocServer32 -> D:\Program Files\K-Lite Codec Pack\Filters\MP4Splitter.ax (MPC-HC Team)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{DF2FCE13-25EC-45BB-9D4C-CECD47C2430C}\InprocServer32 -> C:\Windows\system32\urlmon.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.33.17\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.33.17\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\InprocServer32 -> C:\Windows\system32\ieframe.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2018-11-19] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2018-11-19] (AVAST Software)
ContextMenuHandlers1: [DivXShellExtensionItem] -> {48A8A3B0-57E8-4F2B-A49D-19E02B92377B} => C:\Program Files\Common Files\DivX Shared\DivXShellExtension.dll [2017-05-01] (DivX, LLC)
ContextMenuHandlers1: [DivXShellExtensionItem64] -> {6B49A276-0DBA-43F4-BC96-A841AD11B40B} => C:\Program Files\Common Files\DivX Shared\DivXShellExtension.dll [2017-05-01] (DivX, LLC)
ContextMenuHandlers1: [PSPad] -> {8903F6C9-25E3-40AC-A98F-E6D35CD0469C} => D:\Program Files\PSPad editor\PSPadShell.dll [2008-03-30] ()
ContextMenuHandlers1: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files\PCGameBoost\Smart Game Booster\MenuExt32.dll [2016-12-06] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2009-08-16] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2018-11-19] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers4: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files\PCGameBoost\Smart Game Booster\MenuExt32.dll [2016-12-06] ()
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2009-08-16] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-01-18] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2018-11-19] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files\PCGameBoost\Smart Game Booster\MenuExt32.dll [2016-12-06] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2009-08-16] ()
ContextMenuHandlers1_S-1-5-21-1484727336-25265518-3277325258-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1484727336-25265518-3277325258-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1484727336-25265518-3277325258-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {046A6AE2-1C64-4561-9D98-B12E762EABDA} - System32\Tasks\DivXUpdate => C:\Program Files\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [2017-05-01] (DivX, LLC)
Task: {0829CD53-0534-47C9-9AFD-3DE883BE933A} - System32\Tasks\SmartGameBooster SkipUAC (PC) => C:\Program Files\PCGameBoost\Smart Game Booster\SgbMain.exe [2016-12-20] ()
Task: {0C3AF200-FADC-49E5-880E-DEE192C8B79A} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-21] (Společnost Microsoft)
Task: {11D357C0-81D5-4132-9558-4869B087009E} - System32\Tasks\{62075FDE-F6E7-43CC-8560-DAEE75BFC683} => C:\Windows\system32\pcalua.exe -a "D:\Program Files\Codemasters\OperationFlashpoint\Res\Campaigns\Odinštaluj_AMBER.exe"
Task: {1E56D88D-BF59-4044-8755-C8DE7EC5F33E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1484727336-25265518-3277325258-1000Core => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {1F3FB82C-776F-46B1-AA2C-898047879E6F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {270F2322-A9A7-4548-824E-2AC94D116595} - System32\Tasks\avastBCLRestartS-1-5-21-1484727336-25265518-3277325258-1000 => C:\Program Files\Mozilla Firefox\firefox.exe
Task: {36B06E59-5C8E-4EC9-8716-02341BF7084E} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_27_0_0_187_pepper.exe [2017-12-02] (Adobe Systems Incorporated)
Task: {3F20B811-0C82-4BB5-BC1C-40B6D888D617} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1484727336-25265518-3277325258-1000UA => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {4FCDEFAE-1386-4A91-ABA7-730F2C3BB8B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {54AF73CD-EBA7-4CE9-8C96-D792EEBCA1E7} - System32\Tasks\{F1B89C98-40FC-47E1-92A4-0F01F7EDA2AA} => C:\Windows\system32\pcalua.exe -a "D:\Program Files\Codemasters\OperationFlashpoint\UnInstallResistance.exe" -d "D:\Program Files\Codemasters\OperationFlashpoint"
Task: {685DE5AD-A835-4126-A5E9-FA53ADD5DC3E} - System32\Tasks\{39D37DCE-0784-47DB-B103-8C81C2AC3A30} => C:\Windows\system32\pcalua.exe -a "D:\Program Files\Codemasters\OperationFlashpoint\uninstall.exe"
Task: {6A7725F8-2B44-43F7-8BAE-F77347C48A66} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-10-28] (AVAST Software)
Task: {769B6F9D-0E17-4F27-BCC4-A524DE498731} - System32\Tasks\{EDFBB81C-F8A6-4E33-A647-14217CA8F33E} => C:\Windows\system32\pcalua.exe -a "D:\Program Files\Codemasters\OperationFlashpoint\FlashpointResistance.exe" -d "D:\Program Files\Codemasters\OperationFlashpoint"
Task: {77E3607A-FBF2-4935-93E8-F7E63821A423} - System32\Tasks\Avast Emergency Update => C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe [2018-11-19] (AVAST Software)
Task: {7A184586-85A8-4D07-BAA0-B86481797BAA} - System32\Tasks\AdobeAAMUpdater-1.0-PC-PC-PC => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {7AC95EB9-BB3C-425A-A37F-594927169AF3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-11] (Piriform Ltd)
Task: {9A7E3EBE-DF34-4AE2-B4FA-D0F9EF16B4D1} - System32\Tasks\{8A7F7DC3-BD75-451E-AE54-8FA0208DAC04} => C:\Windows\system32\pcalua.exe -a "C:\Users\PC\Desktop\Torpark 2.0.0.3a\Torpark.exe" -d "C:\Users\PC\Desktop\Torpark 2.0.0.3a"
Task: {A96DC445-0312-4C5F-A1CB-1E870D5D7E81} - System32\Tasks\Opera scheduled Autoupdate 1379165523 => C:\Program Files\Opera\launcher.exe [2016-08-05] (Opera Software)
Task: {C8D68626-3C96-42FC-B6A8-29F53CC89CBE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-11] (Piriform Ltd)
Task: {E13CC377-C907-48F8-9DA5-394059F586C8} - System32\Tasks\SmartGameBooster Update => C:\Program Files\PCGameBoost\Smart Game Booster\SgbUpdater.exe [2016-12-19] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\PC\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm
Shortcut: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XAMPP for Windows\XAMPP Setup.lnk -> D:\XAMPP\xampp\xampp_setup.bat (No File)
Shortcut: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XAMPP for Windows\XAMPP Shell.lnk -> D:\XAMPP\xampp\xampp_shell.bat ()
Shortcut: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XAMPP for Windows\XAMPP Uninstall.lnk -> D:\XAMPP\xampp\uninstall_xampp.bat ()
Shortcut: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Webové servery ve službě MSN\target.lnk -> hxxp://www.msnusers.co

==================== Loaded Modules (Whitelisted) ==============

2018-11-19 20:12 - 2018-11-19 20:12 - 000919256 _____ () C:\Program Files\Alwil Software\Avast5\anen.dll
2018-11-19 20:12 - 2018-11-19 20:12 - 000596696 _____ () C:\Program Files\Alwil Software\Avast5\streamback.dll
2018-12-12 20:14 - 2018-12-12 20:14 - 005786256 _____ () C:\Program Files\Alwil Software\Avast5\defs\18121202\algo.dll
2018-11-19 20:12 - 2018-11-19 20:12 - 000496344 _____ () C:\Program Files\Alwil Software\Avast5\gui_cache.dll
2018-11-19 20:12 - 2018-11-19 20:12 - 000150744 _____ () C:\Program Files\Alwil Software\Avast5\hns_tools.dll
2018-11-19 20:12 - 2018-11-19 20:12 - 001112280 _____ () C:\Program Files\Alwil Software\Avast5\shepherdsync.dll
2009-10-29 16:02 - 2009-08-16 17:06 - 000141312 _____ () D:\Program Files\WinRAR\rarext.dll
2016-12-27 18:01 - 2016-12-06 15:05 - 000116912 _____ () C:\Program Files\PCGameBoost\Smart Game Booster\MenuExt32.dll
2010-11-29 14:39 - 2008-03-30 15:22 - 000070144 _____ () D:\Program Files\PSPad editor\PSPadShell.dll
2017-01-02 13:27 - 2017-01-02 13:27 - 048936448 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
2017-07-26 08:58 - 2017-07-26 08:58 - 000155848 _____ () C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2018-11-15 19:03 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [TCP Query User{E17FB9AF-EB67-49B6-9B17-7B73AAFFE139}D:\xampp\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{17BC7D07-563F-4633-8012-13C199FD24DF}D:\xampp\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{FAFB15F0-61AE-4CF7-872B-4DA80DC10098}D:\xampp\xampp\mysql\bin\mysqld.exe] => (Allow) D:\xampp\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{C94E4086-A74F-41E8-8F6D-8243F8F2748F}D:\xampp\xampp\mysql\bin\mysqld.exe] => (Allow) D:\xampp\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{A4A9C9A0-E985-41D2-9CAE-BE41A9AD0C7E}D:\totalcmd\totalcmd.exe] => (Allow) D:\totalcmd\totalcmd.exe
FirewallRules: [UDP Query User{FC570EE8-8B7A-47B1-A775-745F62E6160D}D:\totalcmd\totalcmd.exe] => (Allow) D:\totalcmd\totalcmd.exe
FirewallRules: [TCP Query User{7D03793F-72F7-467B-9BC8-72AFB7500505}D:\bohemia interactive\arma2.exe] => (Allow) D:\bohemia interactive\arma2.exe
FirewallRules: [UDP Query User{886E4967-2D58-4634-88B3-CEBA8462557C}D:\bohemia interactive\arma2.exe] => (Allow) D:\bohemia interactive\arma2.exe
FirewallRules: [TCP Query User{0F529481-D922-4810-85F1-2A3159A8EB72}C:\program files\skype\phone\skype.exe] => (Block) C:\program files\skype\phone\skype.exe
FirewallRules: [UDP Query User{92B3155C-522C-4EBF-A15E-BDF6029A6BB9}C:\program files\skype\phone\skype.exe] => (Block) C:\program files\skype\phone\skype.exe
FirewallRules: [TCP Query User{14CB1993-D959-4081-94CF-06D1935FE88D}D:\xampp\xampp\filezillaftp\filezilla server.exe] => (Block) D:\xampp\xampp\filezillaftp\filezilla server.exe
FirewallRules: [UDP Query User{F1C26B0C-ECD4-44FC-AD34-B70940A7704B}D:\xampp\xampp\filezillaftp\filezilla server.exe] => (Block) D:\xampp\xampp\filezillaftp\filezilla server.exe
FirewallRules: [{BA87F8EC-D2D0-4BB9-9163-04A3918A4353}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{62221B08-B99B-48AE-850A-5DB9A52738D7}D:\program files\real\realplayer\realplay.exe] => (Block) D:\program files\real\realplayer\realplay.exe
FirewallRules: [UDP Query User{9B66585A-FCE0-49BC-8504-977A0CC9E232}D:\program files\real\realplayer\realplay.exe] => (Block) D:\program files\real\realplayer\realplay.exe
FirewallRules: [{21A7FBB6-3472-4208-8676-6ACF69EA8264}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{7D105A5D-62FE-41FD-ACAF-D01E7E33042A}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{9DBC5699-EFD0-48D7-9203-870CF5B1113C}D:\program files\tmnationsforever\tmforever.exe] => (Allow) D:\program files\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{83FC7FE4-E59E-43B0-B8DB-BC602BFA55B3}D:\program files\tmnationsforever\tmforever.exe] => (Allow) D:\program files\tmnationsforever\tmforever.exe
FirewallRules: [{46BBA9BD-2FB1-4A08-8AEE-40C5BF079998}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{949A077A-E895-4842-BF5D-BB7A66ED7C24}] => (Allow) LPort=2869
FirewallRules: [{A3CDEE69-F1BE-44D8-9D2D-6CA293C5CEF4}] => (Allow) LPort=1900
FirewallRules: [{939C6C33-5565-4352-AC77-16438A25F39D}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{D3DF2035-151D-436A-9447-62546E002223}] => (Allow) C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{41CF11D5-8742-4C90-BE20-AF1A6EA26F6F}] => (Allow) C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{E6EC16E3-C124-478B-8EA0-8330AD27233E}D:\users\pc\appdata\roaming\utorrent\utorrent.exe] => (Allow) D:\users\pc\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{97DF6132-F492-4FC1-8628-6B300072C762}D:\users\pc\appdata\roaming\utorrent\utorrent.exe] => (Allow) D:\users\pc\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{83A78EE8-7F76-4AF2-921A-B5DB4CC367C6}C:\users\pc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pc\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{66E6454E-CE17-463D-9FF5-D3D86245C63E}C:\users\pc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pc\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{474FBF13-6135-4123-A819-98CEAEB616AF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A65D4646-86F4-4ACC-8618-C7EF340A917F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{93C34727-135E-469A-9825-05923AD48B3E}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{7D0E173B-9F7E-45B4-83E7-D45576DEB39C}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{6F87F793-EEC3-4728-8386-98185A0E936E}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\DeviceSetup.exe
FirewallRules: [{378D0D27-0513-4924-8C64-A8C4B1245912}] => (Allow) LPort=5357
FirewallRules: [{09FD880E-3B7E-4173-ACB2-D936CBCAB1AB}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{87943284-8B5A-48D5-97EF-0A1502DE594A}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{906360CD-39B1-46AA-B84D-314DD05A9CF7}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{BB887E72-E460-4771-A05F-FC90CB6FE692}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{99B430B3-0B22-4642-9CAD-877E4AE93C6B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3ACF8D87-62E1-4EF1-8331-EC8C9FD44AC2}] => (Allow) D:\Program Files\EA GAMES\Battlefield 2 Demo\BF2.exe
FirewallRules: [{2FBE9944-D4D6-45BC-812C-608DB64412F6}] => (Allow) D:\Program Files\EA GAMES\Battlefield 2 Demo\BF2.exe
FirewallRules: [TCP Query User{0AA671B6-CA8B-4740-8BAC-585FB01567C9}D:\bohemia interactive\arma2server.exe] => (Block) D:\bohemia interactive\arma2server.exe
FirewallRules: [UDP Query User{2666A5C4-1C7D-4BFB-A5B5-5571CBE84823}D:\bohemia interactive\arma2server.exe] => (Block) D:\bohemia interactive\arma2server.exe
FirewallRules: [{ED388C26-2BD8-4B16-817B-8431F9D10F00}] => (Allow) D:\Program Files\Bohemia Interactive\Arma Cold War Assault\ColdWarAssault.exe
FirewallRules: [{16651456-26E6-4B71-B405-B2472B21FD99}] => (Allow) D:\Program Files\Bohemia Interactive\Arma Cold War Assault\ColdWarAssault.exe
FirewallRules: [{7891FB91-B6C6-4DED-9B27-36E23C881702}] => (Allow) D:\Program Files\Bohemia Interactive\Arma Cold War Assault\ColdWarAssault_Server.exe
FirewallRules: [{B073C922-2B77-4900-8125-7C507E4169F6}] => (Allow) D:\Program Files\Bohemia Interactive\Arma Cold War Assault\ColdWarAssault_Server.exe
FirewallRules: [{178EE005-D2A0-489A-9ED0-A92521F42C20}] => (Allow) C:\Users\PC\AppData\Local\temp\7zS3BD1\HPDiagnosticCoreUI.exe
FirewallRules: [{7BB17FC8-45BA-4A10-AD4D-BC5FDD7384CD}] => (Allow) C:\Users\PC\AppData\Local\temp\7zS3BD1\HPDiagnosticCoreUI.exe
FirewallRules: [{80CC9BDB-DC99-44B1-98E6-F27233A34D9E}] => (Allow) C:\Users\PC\AppData\Local\temp\7zS3DAE\HPDiagnosticCoreUI.exe
FirewallRules: [{9408AA15-5F02-40A5-BBA4-E16A745F68B1}] => (Allow) C:\Users\PC\AppData\Local\temp\7zS3DAE\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{D8EB0E8D-B32F-4180-9406-CFB8A199FA77}D:\program files\bohemia interactive\arma cold war assault\coldwarassault.exe] => (Allow) D:\program files\bohemia interactive\arma cold war assault\coldwarassault.exe
FirewallRules: [UDP Query User{8326C5D8-CA23-404F-A456-AB838256E783}D:\program files\bohemia interactive\arma cold war assault\coldwarassault.exe] => (Allow) D:\program files\bohemia interactive\arma cold war assault\coldwarassault.exe
FirewallRules: [TCP Query User{D4CC99CA-555D-48A4-AEAC-B44EB58DC553}D:\bohemia interactive\arma2.exe] => (Allow) D:\bohemia interactive\arma2.exe
FirewallRules: [UDP Query User{2F8ED82A-7853-428F-B5AE-AD1B12D76F2E}D:\bohemia interactive\arma2.exe] => (Allow) D:\bohemia interactive\arma2.exe
FirewallRules: [{74965551-4C11-49CA-8E9A-8EEE87A3845A}] => (Allow) C:\Users\PC\AppData\Local\temp\7zS259F\HPDiagnosticCoreUI.exe
FirewallRules: [{60471B26-7D84-4854-8E55-8BF408842EEA}] => (Allow) C:\Users\PC\AppData\Local\temp\7zS259F\HPDiagnosticCoreUI.exe
FirewallRules: [{7DDFBEC5-51BF-4FDA-BA04-0DD9A1702544}] => (Allow) C:\Users\PC\AppData\Local\temp\7zS3E13\HPDiagnosticCoreUI.exe
FirewallRules: [{472E7302-96F3-40F6-AF32-AD3A42814ABF}] => (Allow) C:\Users\PC\AppData\Local\temp\7zS3E13\HPDiagnosticCoreUI.exe
FirewallRules: [{E0793C8D-71F9-47BF-857E-5474B0314A1C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{787571E1-4176-4810-9FEC-E1C46B029249}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{251BB831-2690-4C28-93D6-C2524DDE947D}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe
FirewallRules: [{4853345F-71A8-410D-ADC3-21CA7099B559}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe

==================== Restore Points =========================

06-12-2018 17:57:53 Naplánovaný kontrolní bod
07-12-2018 10:58:18 Naplánovaný kontrolní bod
11-12-2018 14:07:37 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: AW2UU4ZC IDE Controller
Description: AW2UU4ZC IDE Controller
Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard mass storage controllers)
Service: avdijsm2
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/12/2018 09:07:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/12/2018 08:12:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/12/2018 12:11:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/12/2018 09:03:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/11/2018 08:23:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/11/2018 04:57:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/11/2018 03:26:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/11/2018 12:16:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (12/12/2018 09:09:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (12/12/2018 09:09:44 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
Přihlašovací chyba: Platnost hesla pro tuto registraci vypršela.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (12/12/2018 09:07:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba VBoxAsw Support Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.

Error: (12/12/2018 08:15:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (12/12/2018 08:15:07 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
Přihlašovací chyba: Platnost hesla pro tuto registraci vypršela.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (12/12/2018 08:12:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba VBoxAsw Support Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.

Error: (12/12/2018 12:12:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (12/12/2018 12:12:55 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
Přihlašovací chyba: Platnost hesla pro tuto registraci vypršela.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).


CodeIntegrity:
===================================

Date: 2018-12-12 22:02:32.540
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-12-12 22:02:32.072
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-12-12 22:02:31.589
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-12-12 22:02:31.105
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-12-12 22:01:33.282
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-12-08 21:03:43.014
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-12-08 21:03:42.546
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2018-12-08 21:03:42.093
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q9400 @ 2.66GHz
Percentage of memory in use: 36%
Total physical RAM: 3325.58 MB
Available physical RAM: 2116.42 MB
Total Virtual: 6886.13 MB
Available Virtual: 5823.58 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:156.25 GB) (Free:46.28 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:439.92 GB) (Free:388.29 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596.2 GB) (Disk ID: 505FDA6B)
Partition 1: (Active) - (Size=156.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=439.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o preventivní kontrolu

#6 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: D:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.11.7.6009\BVDChromeExt.crx
    File: C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe
    File: D:\Program Files\RivaTuner v2.23\RivaTuner32.sys
    File: C:\Windows\System32\DRIVERS\s1018mgmt.sys
    Folder: C:\Program Files\PCGameBoost
    
    HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
    CHR NewTab: Default ->  Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
    VirusTotal: D:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.11.7.6009\BVDChromeExt.crx
    S3 AvastVBoxSvc; "C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe" [X]
    S3 cpuz138; \??\C:\Users\PC\AppData\Local\Temp\cpuz138\cpuz138_x32.sys [X] <==== ATTENTION
    S2 VBoxAswDrv; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [X]
    U3 avdijsm2; no ImagePath
    2018-12-08 20:58 - 2018-12-08 20:59 - 000000000 ____D C:\rsit
    2018-12-08 20:57 - 2018-12-08 20:58 - 001107968 _____ C:\Users\PC\Downloads\RSIT.exe
    2018-12-08 21:03 - 2012-01-30 16:05 - 000000000 ____D C:\Program Files\trend micro
    2018-05-07 21:31 - 2018-05-07 21:31 - 000029696 _____ () C:\Users\PC\AppData\Local\MSGBOX.EXE
    2011-09-30 12:37 - 2011-09-30 12:38 - 000000000 _____ () C:\Users\PC\AppData\Local\{573435C1-A685-4840-9E50-A8728DBEEF48}
    ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CPUID CPU-Z_is1
    ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smart Game Booster_is1
    CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.32.7\psuser.dll => No File
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

T72
Návštěvník
Návštěvník
Příspěvky: 78
Registrován: 02 lis 2011 18:31

Re: Prosím o preventivní kontrolu

#7 Příspěvek od T72 »

Fix result of Farbar Recovery Scan Tool (x86) Version: 09.12.2018
Ran by PC (15-12-2018 20:35:05) Run:1
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC & UpdatusUser)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: D:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.11.7.6009\BVDChromeExt.crx
File: C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe
File: D:\Program Files\RivaTuner v2.23\RivaTuner32.sys
File: C:\Windows\System32\DRIVERS\s1018mgmt.sys
Folder: C:\Program Files\PCGameBoost

HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
VirusTotal: D:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.11.7.6009\BVDChromeExt.crx
S3 AvastVBoxSvc; "C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe" [X]
S3 cpuz138; \??\C:\Users\PC\AppData\Local\Temp\cpuz138\cpuz138_x32.sys [X] <==== ATTENTION
S2 VBoxAswDrv; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [X]
U3 avdijsm2; no ImagePath
2018-12-08 20:58 - 2018-12-08 20:59 - 000000000 ____D C:\rsit
2018-12-08 20:57 - 2018-12-08 20:58 - 001107968 _____ C:\Users\PC\Downloads\RSIT.exe
2018-12-08 21:03 - 2012-01-30 16:05 - 000000000 ____D C:\Program Files\trend micro
2018-05-07 21:31 - 2018-05-07 21:31 - 000029696 _____ () C:\Users\PC\AppData\Local\MSGBOX.EXE
2011-09-30 12:37 - 2011-09-30 12:38 - 000000000 _____ () C:\Users\PC\AppData\Local\{573435C1-A685-4840-9E50-A8728DBEEF48}
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CPUID CPU-Z_is1
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smart Game Booster_is1
CustomCLSID: HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.32.7\psuser.dll => No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 107
Average :
Sum : 69598400
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========


========================= File: D:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.11.7.6009\BVDChromeExt.crx ========================

D:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.11.7.6009\BVDChromeExt.crx
File not signed
MD5: 0119ABA28026BD4BFA55D1FA9D8D323E
Creation and modification date: 2016-06-24 13:06 - 2016-06-14 13:08
Size: 000089303
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======


========================= File: C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe ========================

"C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe" => not found
====== End of File: ======


========================= File: D:\Program Files\RivaTuner v2.23\RivaTuner32.sys ========================

D:\Program Files\RivaTuner v2.23\RivaTuner32.sys
File not signed
MD5: C0C8909BE3ECC9DF8089112BF9BE954E
Creation and modification date: 2009-02-15 14:50 - 2009-02-15 14:50
Size: 000009088
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/6f9bb11 ... 520381424/

====== End of File: ======


========================= File: C:\Windows\System32\DRIVERS\s1018mgmt.sys ========================

C:\Windows\System32\DRIVERS\s1018mgmt.sys
File not signed
MD5: F4CEDA6E2DDFF2AF8BD745615A7CA9C0
Creation and modification date: 2010-07-12 10:27 - 2009-03-25 16:48
Size: 000106208
Attributes: ----A
Company Name: MCCI Corporation
Internal Name: s1018mgmt.sys
Original Name: s1018mgmt.sys
Product: Sony Ericsson Device 1018 USB WMC Device Management
Description: Sony Ericsson Device 1018 USB WMC Device Management Driver
File Version: V4.50
Product Version: V4.50
Copyright: Copyright (c) 1997-2008 MCCI Corporation
VirusTotal: https://www.virustotal.com/file/9d32b43 ... 512623571/

====== End of File: ======


========================= Folder: C:\Program Files\PCGameBoost ========================

2016-12-27 18:01 - 2017-10-31 18:28 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files\PCGameBoost\Smart Game Booster
2016-12-27 18:01 - 2015-04-10 14:19 - 000017068 ____A [C2C0D5058284FC3F250C8CD11C3F967C] () C:\Program Files\PCGameBoost\Smart Game Booster\Alarm.wav
2016-12-27 18:01 - 2016-12-28 18:55 - 001256112 ____A [7686B7F5D81C619D3A357345E97B4DB2] () C:\Program Files\PCGameBoost\Smart Game Booster\BugReport.exe
2017-10-31 18:28 - 2017-10-31 18:28 - 000028595 ____A [9A4A3F2208EF6B20721573A12A90AA1A] () C:\Program Files\PCGameBoost\Smart Game Booster\bugreport.txt
2016-12-27 18:01 - 2016-12-06 15:04 - 001407152 ____A [21FA8FA09F63E7F53948985D67A97A1E] (CPUID) C:\Program Files\PCGameBoost\Smart Game Booster\cpuidsdk.dll
2016-12-27 18:01 - 2016-12-06 15:04 - 002113200 ____A [47C22EAC693C6A9C45C03C8E8B034566] (Microsoft Corporation) C:\Program Files\PCGameBoost\Smart Game Booster\D3DCompiler_43.dll
2016-12-27 18:01 - 2016-12-06 15:04 - 000477872 ____A [FE4929B99B9B32C232E0EAED0F2BF9C2] (Microsoft Corporation) C:\Program Files\PCGameBoost\Smart Game Booster\d3dx10_43.dll
2016-12-27 18:01 - 2016-12-06 15:04 - 000255664 ____A [B97AD8BE26A450827E84FBF567C8C952] (Microsoft Corporation) C:\Program Files\PCGameBoost\Smart Game Booster\d3dx11_43.dll
2016-12-27 18:01 - 2016-12-06 15:04 - 000277168 ____A [431033B6EB9F56A925FD007BE7C870EC] () C:\Program Files\PCGameBoost\Smart Game Booster\D3DX8Wrapper.dll
2016-12-27 18:01 - 2016-12-06 15:04 - 002005168 ____A [78E32D71D1C1D6E589ABEA878E4AA8DA] (Microsoft Corporation) C:\Program Files\PCGameBoost\Smart Game Booster\D3DX9_43.dll
2016-12-27 18:01 - 2016-12-06 15:04 - 000072880 ____A [53640B4C206A94EFBACA978341A2EF14] (IObit) C:\Program Files\PCGameBoost\Smart Game Booster\DataState.dll
2016-12-27 18:01 - 2016-12-06 15:05 - 000382128 ____A [42B5A39A72D8EE86AB0F4DD7B51AC667] () C:\Program Files\PCGameBoost\Smart Game Booster\DX_Check.dll
2016-12-27 18:01 - 2016-12-08 15:56 - 000796848 ____A [6BE50D09FB47C8359A06DA065D5D30DC] () C:\Program Files\PCGameBoost\Smart Game Booster\DX_Info.dll
2016-12-27 18:01 - 2016-12-08 15:56 - 000523952 ____A [EB66B8464663111715E86A7749AE1760] () C:\Program Files\PCGameBoost\Smart Game Booster\DX_Output.dll
2016-12-27 18:01 - 2016-12-06 15:05 - 000229552 ____A [EBA37B659959A5561C5F6575E788ED16] (easyhook.codeplex.com) C:\Program Files\PCGameBoost\Smart Game Booster\EasyHook32.dll
2016-12-27 18:01 - 2016-12-15 17:15 - 000021366 ____A [D479C4F7E6E70996DC830E20C57F6E0D] () C:\Program Files\PCGameBoost\Smart Game Booster\EULA.rtf
2017-10-31 18:28 - 2017-10-31 18:28 - 000016471 ____A [0D720BD5B610A9ED57EACF44AE53AB7D] () C:\Program Files\PCGameBoost\Smart Game Booster\ExceptReport.txt
2016-12-27 18:01 - 2016-12-13 16:21 - 000000901 ____A [6E9A647376A949AD0571428D45E83AC5] () C:\Program Files\PCGameBoost\Smart Game Booster\FpsFilterList.txt
2016-12-27 18:01 - 2016-12-06 15:05 - 000060080 ____A [DBF1847CEF3988DABE4436FAE28979E2] (IObit) C:\Program Files\PCGameBoost\Smart Game Booster\FPSSource.dll
2016-12-27 18:01 - 2016-12-06 15:05 - 000142512 ____A [6EE39AFF89927DABB9ECFCB6D1E82C0A] () C:\Program Files\PCGameBoost\Smart Game Booster\FW1FontWrapper.dll
2016-12-27 18:01 - 2016-12-26 17:06 - 000000991 ____A [0F70A3BC0490C4F2A3D54BACE3659FCA] () C:\Program Files\PCGameBoost\Smart Game Booster\History.txt
2016-12-27 18:01 - 2016-12-06 15:05 - 000210608 ____A [F8395BA6E3E6FC8B718063781FE69800] () C:\Program Files\PCGameBoost\Smart Game Booster\madBasic_.bpl
2016-12-27 18:01 - 2016-12-06 15:05 - 000059568 ____A [4D1649C8115F864DF93875F79461501F] () C:\Program Files\PCGameBoost\Smart Game Booster\madDisAsm_.bpl
2016-12-27 18:01 - 2016-12-06 15:05 - 000442032 ____A [5DE8F5D1977FD1E7B7E6301E979CE7C7] () C:\Program Files\PCGameBoost\Smart Game Booster\madExcept_.bpl
2016-12-27 18:01 - 2016-12-06 15:05 - 000116912 ____A [853262AD77AD8626CC844756B10845EB] () C:\Program Files\PCGameBoost\Smart Game Booster\MenuExt32.dll
2016-12-27 18:01 - 2016-12-06 15:05 - 000133296 ____A [D50555724DA3762616DA29DEED57B78F] () C:\Program Files\PCGameBoost\Smart Game Booster\MenuExt64.dll
2016-12-27 18:01 - 2016-12-15 18:22 - 001138352 ____A [3A20441242655E200C147B5212D666D9] () C:\Program Files\PCGameBoost\Smart Game Booster\MsgBox.dll
2016-12-27 18:01 - 2016-12-06 15:05 - 000070320 ____A [27C2B0483D0FFFDE0682F69D40C64AAD] (IObit) C:\Program Files\PCGameBoost\Smart Game Booster\PowerMgr.dll
2016-12-27 18:01 - 2016-12-06 15:05 - 001108144 ____A [7B0D026F423A5ECBC045429B438F41BB] (Embarcadero Technologies, Inc.) C:\Program Files\PCGameBoost\Smart Game Booster\rtl120.bpl
2016-12-27 18:01 - 2016-12-19 17:17 - 000795312 ____A [0B207EC9CFFD782029AC549A50014BFB] () C:\Program Files\PCGameBoost\Smart Game Booster\SgbInit.exe
2016-12-27 18:01 - 2016-12-20 11:08 - 003665072 ____A [587A5E3D08B12D441729422E490F0260] () C:\Program Files\PCGameBoost\Smart Game Booster\SgbMain.exe
2016-12-27 18:01 - 2016-12-20 11:08 - 000708272 ____A [AD4DEE7E97F93D72648C8C28817CF9A3] () C:\Program Files\PCGameBoost\Smart Game Booster\SgbMini.exe
2016-12-27 18:01 - 2016-12-19 20:57 - 001383600 ____A [D2F741648D9A650D9037CB43D0E5FD06] () C:\Program Files\PCGameBoost\Smart Game Booster\SgbTray.exe
2016-12-27 18:01 - 2016-12-19 20:30 - 002790576 ____A [F02D7FD5A36A54AB6455B9C8DEF18541] () C:\Program Files\PCGameBoost\Smart Game Booster\SgbUpdater.exe
2016-12-27 18:01 - 2016-12-06 15:09 - 000523952 ____A [EA8F4197D998687283A2BED9AD02D3BA] () C:\Program Files\PCGameBoost\Smart Game Booster\SQLite3.dll
2016-12-27 18:01 - 2016-12-15 18:22 - 001142448 ____A [C3D0ECB12C8E7EF9E875CA75E6A4D600] () C:\Program Files\PCGameBoost\Smart Game Booster\StatInst.exe
2016-12-27 18:01 - 2016-12-06 15:05 - 000631472 ____A [11B8B85421B4D4C0E34518CBDB7AFE90] () C:\Program Files\PCGameBoost\Smart Game Booster\StatTool.dll
2016-12-27 18:01 - 2016-12-15 18:22 - 000601776 ____A [42956FE3C9AC6B22F04608F1C4C4D88F] () C:\Program Files\PCGameBoost\Smart Game Booster\StatUser.exe
2016-12-27 18:01 - 2016-12-06 15:05 - 000134320 ____A [07A2E2234DFB76008194F5DA6B59DE63] (IObit) C:\Program Files\PCGameBoost\Smart Game Booster\Temperature.dll
2016-12-27 18:01 - 2016-12-27 18:01 - 000075839 ____A [CC4109554F0C5316946EBF8B58B56665] () C:\Program Files\PCGameBoost\Smart Game Booster\unins000.dat
2016-12-27 18:01 - 2016-12-27 18:01 - 001298608 ____A [9A5863F169D61D5FA95BA93F14CC39B1] () C:\Program Files\PCGameBoost\Smart Game Booster\unins000.exe
2016-12-27 18:01 - 2016-12-27 18:01 - 000026437 ____A [8709849DEE33D8B06549AA803836C7A0] () C:\Program Files\PCGameBoost\Smart Game Booster\unins000.msg
2016-12-27 18:01 - 2016-12-06 15:05 - 002008752 ____A [70A69547BD26A4E3912DBE3458F89DB4] (Embarcadero Technologies, Inc.) C:\Program Files\PCGameBoost\Smart Game Booster\vcl120.bpl
2016-12-27 18:01 - 2016-12-06 15:05 - 000222384 ____A [5453024E19026C1D139E4CB903A84CD7] (Embarcadero Technologies, Inc.) C:\Program Files\PCGameBoost\Smart Game Booster\vclx120.bpl
2016-12-27 18:01 - 2016-12-06 15:05 - 000899760 ____A [8658293FEF3EA61218D6AEE63C6CAF8B] () C:\Program Files\PCGameBoost\Smart Game Booster\WebRes.dll
2016-12-27 18:01 - 2016-12-27 18:01 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files\PCGameBoost\Smart Game Booster\Database
2016-12-27 18:01 - 2016-12-08 16:14 - 000004114 ____A [D7EC113E92351792284A35988C3C31C3] () C:\Program Files\PCGameBoost\Smart Game Booster\Database\SysSpeed.dbd
2016-12-27 18:01 - 2016-12-27 18:01 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files\PCGameBoost\Smart Game Booster\Language
2016-12-27 18:01 - 2016-12-19 10:29 - 000031480 ____A [354A6FAA7783312FE2244C1FF889FE95] () C:\Program Files\PCGameBoost\Smart Game Booster\Language\Arabic.lng
2016-12-27 18:01 - 2016-12-19 10:31 - 000056224 ____A [3FA504B60BF1436BF51171B0257F8BB7] () C:\Program Files\PCGameBoost\Smart Game Booster\Language\Czech.lng
2016-12-27 18:01 - 2016-12-19 10:32 - 000038434 ____A [85443DFE577DD7C2EDF90821627B0AD9] () C:\Program Files\PCGameBoost\Smart Game Booster\Language\Danish.lng
2016-12-27 18:01 - 2016-12-19 10:33 - 000040818 ____A [1D9102A00A4D3B0E686A15F4A0809A23] () C:\Program Files\PCGameBoost\Smart Game Booster\Language\Dutch.lng
2016-12-27 18:01 - 2016-12-19 11:11 - 000038204 ____A [B82B4586797FC738F9DAC200A37CD098] () C:\Program Files\PCGameBoost\Smart Game Booster\Language\English.lng
2016-12-27 18:01 - 2016-12-19 10:33 - 000038772 ____A [87FC19198B74DEC73D3B85F7D97EE16A] () C:\Program Files\PCGameBoost\Smart Game Booster\Language\Finnish.lng
2016-12-27 18:01 - 2016-12-19 10:34 - 000037312 ____A [9118F96EFA0FDC51BA0DCE3BBDE8A051] () C:\Program Files\PCGameBoost\Smart Game Booster\Language\German.lng
2016-12-27 18:01 - 2016-12-19 10:35 - 000029686 ____A [BF27977659476859105660AB1A27EEA4] () C:\Program Files\PCGameBoost\Smart Game Booster\Language\Hebrew.lng
2016-12-27 18:01 - 2016-12-19 16:18 - 000036420 ____A [F3002195E7B40226181F5197FF4472A4] () C:\Program Files\PCGameBoost\Smart Game Booster\Language\Hungarian.lng
2016-12-27 18:01 - 2016-12-19 20:44 - 000022898 ____A [8AE3FAED55DDC42B4FB715FC26197A3A] () C:\Program Files\PCGameBoost\Smart Game Booster\Language\ChineseSimp.lng
2016-12-27 18:01 - 2016-12-19 11:18 - 000023198 ____A [F0CFDD4283FAF9BE9DBA67A98E3C3BCA] () C:\Program Files\PCGameBoost\Smart Game Booster\Language\ChineseTrad.lng
2016-12-27 18:01 - 2016-12-19 10:36 - 000019684 ____A [C3537B3B9F8BFE1A6FDD05EFB2CE8CDC] () C:\Program Files\PCGameBoost\Smart Game Booster\Language\Japanese.lng
2016-12-27 18:01 - 2016-12-19 10:37 - 000026524 ____A [85E01EBEF1179A9CF9DEFB7F7D23048F] () C:\Program Files\PCGameBoost\Smart Game Booster\Language\Korean.lng
2016-12-27 18:01 - 2016-12-19 10:38 - 000040984 ____A [CD5CA9D0FEB802BF292BE5D65E4A213B] () C:\Program Files\PCGameBoost\Smart Game Booster\Language\Portuguese (PT-BR).lng
2016-12-27 18:01 - 2016-12-19 10:40 - 000036218 ____A [520425203836E525A3D1E7D3CB23BF37] () C:\Program Files\PCGameBoost\Smart Game Booster\Language\Thai.lng
2016-12-27 18:01 - 2016-12-19 10:41 - 000040398 ____A [08B9D13A04BF851F930498F14BA81A82] () C:\Program Files\PCGameBoost\Smart Game Booster\Language\Turkish.lng
2016-12-27 18:01 - 2016-12-19 10:42 - 000039690 ____A [582B7867F14B7DAE5F7DA01BDF9F3594] () C:\Program Files\PCGameBoost\Smart Game Booster\Language\Vietnamese.lng
2016-12-27 18:01 - 2018-09-11 12:29 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files\PCGameBoost\Smart Game Booster\LatestNews
2018-09-11 12:29 - 2018-09-11 12:29 - 000002004 ____A [FF0DFE9B2CF76868B467AFAAA44F90D4] () C:\Program Files\PCGameBoost\Smart Game Booster\LatestNews\imagenews.png
2018-09-11 12:29 - 2018-09-11 12:29 - 000002004 ____A [FF0DFE9B2CF76868B467AFAAA44F90D4] () C:\Program Files\PCGameBoost\Smart Game Booster\LatestNews\imagenews_B.png
2016-12-27 18:01 - 2018-09-11 12:29 - 000001702 ____A [09071A3ADB6BBE0C3DCCD5D751E34767] () C:\Program Files\PCGameBoost\Smart Game Booster\LatestNews\LatestNews.ini
2016-12-27 18:01 - 2016-12-27 18:01 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files\PCGameBoost\Smart Game Booster\PinTools
2016-12-27 18:01 - 2016-12-15 18:22 - 000387760 ____A [897BCA9F67C8104C527D9B1992FC4624] () C:\Program Files\PCGameBoost\Smart Game Booster\PinTools\PinTool32.dll
2016-12-27 18:01 - 2016-12-15 18:22 - 000381104 ____A [90086D18B405AB3261216EE716F51D74] () C:\Program Files\PCGameBoost\Smart Game Booster\PinTools\PinTool32.exe
2016-12-27 18:01 - 2016-12-15 18:22 - 000615088 ____A [D4A14B49C1520B806B08C225AB2C6CF6] () C:\Program Files\PCGameBoost\Smart Game Booster\PinTools\PinTool64.dll
2016-12-27 18:01 - 2016-12-15 18:22 - 000584368 ____A [D345ED698AA8E31831CA7CB56C7A7E7C] () C:\Program Files\PCGameBoost\Smart Game Booster\PinTools\PinTool64.exe
2016-12-27 18:01 - 2018-09-11 12:29 - 000000000 ___HD [00000000000000000000000000000000] () C:\Program Files\PCGameBoost\Smart Game Booster\Update
2016-12-27 18:01 - 2018-09-11 12:29 - 000000917 ____A [F68B86C8FB9388C4471B53EA46304294] () C:\Program Files\PCGameBoost\Smart Game Booster\Update\Update.ini

====== End of Folder: ======

"HKU\S-1-5-21-1484727336-25265518-3277325258-1000\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => removed successfully.
"Chrome NewTab" => removed successfully.
VirusTotal: D:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.11.7.6009\BVDChromeExt.crx => (3) Error
HKLM\System\CurrentControlSet\Services\AvastVBoxSvc => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\cpuz138 => removed successfully.
cpuz138 => service removed successfully.
HKLM\System\CurrentControlSet\Services\VBoxAswDrv => could not remove, key could be protected
avdijsm2 => service not found.
C:\rsit => moved successfully
C:\Users\PC\Downloads\RSIT.exe => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\PC\AppData\Local\MSGBOX.EXE => moved successfully
C:\Users\PC\AppData\Local\{573435C1-A685-4840-9E50-A8728DBEEF48} => moved successfully
================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CPUID CPU-Z_is1]
"Inno Setup: Setup Version"="5.5.9 (a)"
"Inno Setup: App Path"="D:\Program Files\CPUID\CPU-Z"
"InstallLocation"="D:\Program Files\CPUID\CPU-Z\"
"Inno Setup: Icon Group"="CPUID\CPU-Z"
"Inno Setup: User"="PC"
"Inno Setup: Selected Tasks"="desktopicon"
"Inno Setup: Deselected Tasks"=""
"Inno Setup: Language"="default"
"DisplayName"="CPUID CPU-Z 1.78"
"DisplayIcon"="D:\Program Files\CPUID\CPU-Z\cpuz.exe"
"UninstallString"=""D:\Program Files\CPUID\CPU-Z\unins000.exe""
"QuietUninstallString"=""D:\Program Files\CPUID\CPU-Z\unins000.exe" /SILENT"
"NoModify"="1"
"NoRepair"="1"
"InstallDate"="20170319"

=== End of ExportKey ===
================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smart Game Booster_is1]
"Inno Setup: Setup Version"="5.5.6 (u)"
"Inno Setup: App Path"="C:\Program Files\PCGameBoost\Smart Game Booster"
"InstallLocation"="C:\Program Files\PCGameBoost\Smart Game Booster\"
"Inno Setup: Icon Group"="Smart Game Booster 4"
"Inno Setup: User"="PC"
"Inno Setup: Selected Tasks"="desktopicon,quicklaunchicon"
"Inno Setup: Deselected Tasks"=""
"Inno Setup: Language"="Czech"
"DisplayName"="Smart Game Booster 4"
"DisplayIcon"="C:\Program Files\PCGameBoost\Smart Game Booster\SgbMain.exe"
"UninstallString"=""C:\Program Files\PCGameBoost\Smart Game Booster\unins000.exe""
"QuietUninstallString"=""C:\Program Files\PCGameBoost\Smart Game Booster\unins000.exe" /SILENT"
"DisplayVersion"="4.0.0"
"Publisher"="Smart Game Booster"
"NoModify"="1"
"NoRepair"="1"
"InstallDate"="20161227"
"MajorVersion"="4"
"MinorVersion"="0"

=== End of ExportKey ===
HKU\S-1-5-21-1484727336-25265518-3277325258-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA} => removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7086403 B
Java, Flash, Steam htmlcache => 1080 B
Windows/system/drivers => 12605 B
Edge => 0 B
Chrome => 8167987 B
Firefox => 20181043 B
Opera => 13442708 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 692 B
LocalService => 679987 B
NetworkService => 0 B
PC => 2306972 B
apache2triad => 0 B
apache2triad.PC-PC => 0 B
apache2triad.PC-PC.000 => 0 B
apache2triad.PC-PC.001 => 0 B
UpdatusUser => 0 B

RecycleBin => 0 B
EmptyTemp: => 57.5 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 15-12-2018 20:40:04)


Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\AvastVBoxSvc => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\VBoxAswDrv => could not remove, key could be protected

==== End of Fixlog 20:40:04 ====

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o preventivní kontrolu

#8 Příspěvek od Conder »

:arrow: Program Smart Game Booster odporucam odinstalovat, nakolko pouziva aj sucasti (kniznice) podpisane firmou IObit, ktorej programy (napr. Advanced SystemCare) maju velmi zlu reputaciu a mozu poskodit system.

:arrow: Ako to vyzera s PC? Nastala nejaka zmena alebo su este nejake problemy?
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

T72
Návštěvník
Návštěvník
Příspěvky: 78
Registrován: 02 lis 2011 18:31

Re: Prosím o preventivní kontrolu

#9 Příspěvek od T72 »

Vše pracuje jak má, děkuji za pomoc.

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o preventivní kontrolu

#10 Příspěvek od Conder »

:arrow: Tak este upraceme po pouzitych nastrojoch:
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Odpovědět