Stránka 1 z 1

Prosím o kontrolku

Napsal: 21 pro 2018 17:57
od Simicek
Zdravím, poprosil bych o kontrolu. Jestli je vše ok.


Logfile of random's system information tool 1.10 (written by random/random)
Run by David Hynek at 2018-12-21 17:54:28
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 152 GB (50%) free of 307 GB
Total RAM: 6048 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:54:37, on 21.12.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18838)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\System Explorer\SystemExplorer.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Users\David Hynek\AppData\Local\Discord\app-0.0.301\Discord.exe
C:\Users\David Hynek\AppData\Local\Discord\app-0.0.301\Discord.exe
D:\Steam\Steam.exe
C:\Program Files\trend micro\David Hynek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [SystemExplorerAutoStart] "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [TSMApplication] "C:\TradeSkillMaster Application\app\TSMApplication.exe"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = D:\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.download.microsoft.com
O15 - Trusted Zone: http://*.update.microsoft.com
O15 - Trusted Zone: http://*.windowsupdate.com
O15 - Trusted Zone: http://*.windowsupdate.microsoft.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11801 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2892
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -c
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" -EMBEDDING
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\X-Mouse Button Control\XMouseButtonControl.exe" /notportable
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
AvastUI.exe /nogui
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe"
"C:\Users\David Hynek\AppData\Local\Discord\app-0.0.301\Discord.exe"
"C:\Users\David Hynek\AppData\Local\Discord\app-0.0.301\Discord.exe" --type=renderer --no-sandbox --primordial-pipe-token=A4167F11A73AD93DE64733736AC72EE8 --lang=cs --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\David Hynek\AppData\Local\Discord\app-0.0.301\resources\app.asar" --node-integration=false --preload="C:\Users\David Hynek\AppData\Roaming\discord\0.0.301\modules\discord_desktop_core\core.asar\app\mainScreenPreload.js" --background-color=#2f3136 --enable-blink-features=EnumerateDevices,AudioOutputDevices --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --service-request-channel-token=A4167F11A73AD93DE64733736AC72EE8 --renderer-client-id=5 --mojo-platform-channel-handle=1672 /prefetch:1

"D:\Steam\Steam.exe"
D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe "-lang=en_US" "-cachedir=C:\Users\David Hynek\AppData\Local\Steam\htmlcache" "-steampid=7748" "-buildid=1543346820" "-steamid=0" "-steamuniverse=Dev" "-clientui=D:\Steam\clientui" --disable-spell-checking --disable-out-of-process-pac --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-features=TouchpadAndWheelScrollLatching,AsyncWheelEvents --enable-media-stream --disable-smooth-scrolling --num-raster-threads=4 --enable-direct-write --disablehighdpi --force-device-scale-factor=1 --device-scale-factor=1 "--log-file=D:\Steam\logs\cef_log.txt"
D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler --database=D:\Steam\dumps "--metrics-dir=C:\Users\David Hynek\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1543346820 --initial-client-data=0x1d0,0x1ec,0x1f0,0x1cc,0x1f4,0x7fede361f78,0x7fede361f88,0x7fede361f98
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --log-file="D:\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback ... localhost/* --lang=cs-CZ --force-device-scale-factor=1 --disablehighdpi --buildid=1543346820 --steamid=0 --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --log-file="D:\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback ... localhost/* --lang=cs-CZ --force-device-scale-factor=1 --disablehighdpi --buildid=1543346820 --steamid=0 --service-request-channel-token=7642E49D64B6AD650049CC8D3C6C801D --mojo-platform-channel-handle=1108 --ignored=" --type=renderer " /prefetch:2
"D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --force-device-scale-factor=1 --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --service-pipe-token=B4C3AF8A426FE808C64F5F0210A07BA8 --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="D:\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback ... localhost/* --disable-spell-checking --force-device-scale-factor=1 --disablehighdpi --buildid=1543346820 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=B4C3AF8A426FE808C64F5F0210A07BA8 --renderer-client-id=4 --mojo-platform-channel-handle=1588 /prefetch:1
"D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --force-device-scale-factor=1 --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --service-pipe-token=6125DB6DC17F0CFFCF48CB22CE26FB64 --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="D:\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback ... localhost/* --disable-spell-checking --force-device-scale-factor=1 --disablehighdpi --buildid=1543346820 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=6125DB6DC17F0CFFCF48CB22CE26FB64 --renderer-client-id=9 --mojo-platform-channel-handle=2232 /prefetch:1
taskeng.exe {4C42C99F-5A44-42A5-B4DB-6FEC2FA2E75E}
"C:\CCleaner\CCleaner64.exe" /monitor
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe26_ Global\UsGthrCtrlFltPipeMssGthrPipe26 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=71.0.3578.98 --initial-client-data=0x88,0x8c,0x90,0x84,0x94,0x7feec1e64d0,0x7feec1e64e0,0x7feec1e64f0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=8016 --on-initialized-event-handle=380 --parent-handle=384 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1316,11738339948053768543,11589986976142871407,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --service-request-channel-token=14948241425904001255 --mojo-platform-channel-handle=1324 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1316,11738339948053768543,11589986976142871407,131072 --service-pipe-token=7286304227319887591 --lang=cs --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7286304227319887591 --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2144 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1316,11738339948053768543,11589986976142871407,131072 --service-pipe-token=15621407452465369213 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15621407452465369213 --renderer-client-id=3 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2608 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1316,11738339948053768543,11589986976142871407,131072 --service-pipe-token=17538042629076211547 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17538042629076211547 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2828 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1316,11738339948053768543,11589986976142871407,131072 --service-pipe-token=17092040284159098459 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17092040284159098459 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2952 /prefetch:1
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1316,11738339948053768543,11589986976142871407,131072 --disable-gpu-compositing --service-pipe-token=16848830935556533934 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16848830935556533934 --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1316,11738339948053768543,11589986976142871407,131072 --disable-gpu-compositing --service-pipe-token=18327866451506530707 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=18327866451506530707 --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4944 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1316,11738339948053768543,11589986976142871407,131072 --disable-gpu-compositing --service-pipe-token=13732681912714397697 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13732681912714397697 --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4340 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1316,11738339948053768543,11589986976142871407,131072 --disable-gpu-compositing --service-pipe-token=15353822120901455995 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15353822120901455995 --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1552 /prefetch:1
"C:\Users\David Hynek\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

=========Mozilla firefox=========

ProfilePath - C:\Users\David Hynek\AppData\Roaming\Mozilla\Firefox\Profiles\3x5rgwnq.default-1458296225216

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.154 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ZEON/PDF,version=2.0]
"Description"=
"Path"=C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.154 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-01-11 1483264]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2011-03-21 361984]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-05-05 2785064]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2011-05-05 97064]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-03-13 617120]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-03-13 379552]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-10-18 10357008]
"XMouseButtonControl"=C:\X-Mouse Button Control\XMouseButtonControl.exe [2016-05-22 1161240]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2015-06-01 183216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2015-06-01 411056]
"Persistence"=C:\Windows\system32\igfxpers.exe [2015-06-01 453552]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2017-01-11 16781824]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2017-09-19 1923008]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-12-20 242392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TSMApplication"=C:\TradeSkillMaster Application\app\TSMApplication.exe [2018-12-10 1623040]
"CCleaner Smart Cleaning"=C:\CCleaner\CCleaner64.exe [2018-12-10 19589208]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"=C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [2008-11-03 328992]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2011-10-19 3331312]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-07-22 5716608]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"SystemExplorerAutoStart"=C:\Program Files (x86)\System Explorer\SystemExplorer.exe [2015-08-19 3389160]
"ASUS Screen Saver Protector"=C:\Windows\AsScrPro.exe [2012-02-10 3058304]
"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2010-08-20 107816]
"GrooveMonitor"=D:\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

C:\Users\David Hynek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - D:\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll, C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2015-06-01 451584]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"midi1"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll
"VIDC.FPS1"=frapsv64.dll
"msacm.l3codecp"=l3codecp.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2431-09-15 19:37:49 ----A---- C:\Windows\system32\drivers\Smb_driver_Intel.sys
2431-09-15 19:37:49 ----A---- C:\Windows\system32\drivers\HECIx64.sys
2018-12-21 17:54:28 ----D---- C:\rsit
2018-12-20 21:32:21 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2018-12-20 21:31:43 ----A---- C:\Windows\system32\aswBoot.exe
2018-12-16 20:12:55 ----D---- C:\ProgramData\Path of Building
2018-12-16 20:12:55 ----D---- C:\Program Files (x86)\Path of Building

======List of files/folders modified in the last 1 month======

2018-12-21 17:54:37 ----D---- C:\Windows\Prefetch
2018-12-21 17:54:36 ----D---- C:\Windows\system32\drivers\etc
2018-12-21 17:54:36 ----D---- C:\Program Files\trend micro
2018-12-21 17:52:28 ----D---- C:\Users\David Hynek\AppData\Roaming\uTorrent
2018-12-21 17:52:01 ----D---- C:\Windows\temp
2018-12-21 17:52:01 ----D---- C:\Windows\inf
2018-12-21 17:52:01 ----D---- C:\Windows
2018-12-21 17:51:01 ----D---- C:\Windows\system32\Tasks
2018-12-21 17:17:55 ----SHD---- C:\Windows\Installer
2018-12-21 12:09:29 ----D---- C:\ProgramData\NVIDIA
2018-12-21 12:08:16 ----D---- C:\Program Files (x86)\TeamViewer
2018-12-20 23:27:02 ----D---- C:\Users\David Hynek\AppData\Roaming\Curse Client
2018-12-20 21:45:59 ----D---- C:\Windows\system32\config
2018-12-20 21:41:49 ----D---- C:\Users\David Hynek\AppData\Roaming\discord
2018-12-20 21:34:50 ----D---- C:\Windows\system32\drivers
2018-12-20 21:31:43 ----D---- C:\Windows\System32
2018-12-19 20:14:14 ----D---- C:\Config.Msi
2018-12-19 20:09:16 ----RD---- C:\Program Files (x86)
2018-12-18 16:21:12 ----D---- C:\Users\David Hynek\AppData\Roaming\RaiderIO
2018-12-18 14:18:16 ----SHD---- C:\System Volume Information
2018-12-17 18:50:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-12-16 20:12:55 ----D---- C:\ProgramData
2018-12-11 16:35:51 ----D---- C:\Windows\SysWOW64
2018-12-11 00:17:26 ----D---- C:\Windows\system32\NDF
2018-12-10 10:24:47 ----D---- C:\TradeSkillMaster Application

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2018-12-20 201768]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2018-12-20 346592]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2018-12-20 59496]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-12-20 87432]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-12-20 380464]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 557848]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2018-03-25 48032]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-12-20 201240]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2018-12-20 230344]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-12-20 239840]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2018-12-20 42288]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-12-20 111800]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-12-20 1028680]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-12-20 469272]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 nvkflt;nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [2018-03-25 315808]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-12-20 163208]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-12-20 208472]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-04-17 13832]
R3 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2011-09-20 16768]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-10-04 129512]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-10-04 394728]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2016-01-29 4171512]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-10-19 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-06-01 5384176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2017-01-11 5545472]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2013-07-16 129224]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-10-10 100312]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2017-09-19 48064]
R3 nvvhci;NVVHCI Enumerator Service; C:\Windows\system32\DRIVERS\nvvhci.sys [2018-03-24 58816]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2431-09-15 32496]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-05-05 1439792]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-12-20 46384]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2011-08-29 53760]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2017-06-08 47672]
S3 EasyAntiCheatSys;EasyAntiCheatSys; \??\C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys [2018-06-10 842952]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2011-05-13 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2017-01-25 221632]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-09-19 30144]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 semav6msr64;semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [2016-10-18 21984]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 t_mouse.sys;HID-compliand device; C:\Windows\system32\DRIVERS\t_mouse.sys [2012-12-19 6144]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-05-16 141600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-08-13 83984]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-12-20 324000]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2017-04-17 9728]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-19 512960]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-03-24 464272]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-09-19 449984]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-10-17 76888]
R2 TeamViewer;TeamViewer 13; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2018-09-10 11644656]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-12-20 8188768]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2018-11-26 1684256]
R3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2014-12-20 820960]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05 164984]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-01 107848]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-22 335872]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05 164984]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-11-15 6971400]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-06-01 290224]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2018-06-10 780928]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-13 1492840]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [2018-12-12 443872]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-01 107848]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-10-14 116224]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-02-28 194512]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-19 512960]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-05-14 207040]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-29 1255736]
S4 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S4 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]
S4 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
S4 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
S4 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
S4 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
S4 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
S4 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-06 325656]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-04-17 247152]
S4 TurboBoost;Intel(R) Turbo Boost Technology Monitor; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-04-17 134928]
S4 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]

-----------------EOF-----------------

Re: Prosím o kontrolku

Napsal: 21 pro 2018 18:01
od Diallix
Dobry den.

:arrow: Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, klikni na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.

Re: Prosím o kontrolku

Napsal: 21 pro 2018 19:02
od Simicek
# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2018-12-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-21-2018
# Duration: 00:00:19
# OS: Windows 7 Home Premium
# Cleaned: 4
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\IObit\Advanced SystemCare V7
Deleted C:\Users\David Hynek\AppData\LocalLow\IObit\Advanced SystemCare V7
Deleted C:\Users\David Hynek\AppData\Roaming\IObit\Advanced SystemCare V7

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Conduit

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1521 octets] - [21/12/2018 18:51:43]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Prosím o kontrolku

Napsal: 21 pro 2018 20:20
od Diallix
Preskenujte pocitac s FRST - navod tu: https://forum.viry.cz/viewtopic.php?f=24&t=132509, skopirujte FRST.log + Addition log sem.

Re: Prosím o kontrolku

Napsal: 21 pro 2018 21:08
od Simicek
FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.12.2018
Ran by David Hynek (administrator) on DAVIDHYNEK-PC (21-12-2018 21:00:53)
Running from C:\Users\David Hynek\Desktop
Loaded Profiles: David Hynek (Available Profiles: David Hynek)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Highresolution Enterprises) C:\X-Mouse Button Control\XMouseButtonControl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Software Ltd) C:\CCleaner\CCleaner64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
(Discord Inc.) C:\Users\David Hynek\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\David Hynek\AppData\Local\Discord\app-0.0.301\Discord.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Grinding Gear Games\Path of Exile\PathOfExile.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2017-01-11] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2785064 2011-05-05] (Synaptics Incorporated)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [97064 2011-05-05] (Synaptics Incorporated)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [XMouseButtonControl] => C:\X-Mouse Button Control\XMouseButtonControl.exe [1161240 2016-05-22] (Highresolution Enterprises)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-01-11] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-12-20] (AVAST Software)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2011-10-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5716608 2011-07-22] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
HKLM-x32\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3058304 2012-02-10] (ASUS)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-20] (CyberLink)
HKLM-x32\...\Run: [GrooveMonitor] => D:\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\Run: [TSMApplication] => C:\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2018-12-10] ()
HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\Run: [CCleaner Smart Cleaning] => C:\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd)
HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\system32\l3codeca.acm [81408 2009-07-14] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [MSVideo8] => C:\Windows\system32\VfWWDM32.dll [68096 2010-11-20] (Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.XFR1] => C:\Windows\system32\xfcodec64.dll [28104 2012-07-25] ()
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L)
HKLM\...\Drivers32: [msacm.l3codecp] => C:\Windows\system32\l3codecp.acm [182272 2009-07-14] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32-x32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codeca.acm [64000 2009-07-14] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32-x32: [msacm.siren] => C:\Windows\SysWOW64\sirenacm.dll [49016 2011-05-14] (Microsoft Corporation)
HKLM\...\Drivers32-x32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L)
HKLM\...\Drivers32-x32: [vidc.MPG4] => C:\Windows\SysWOW64\MPG4C32.dll [413760 2010-03-14] (Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.MP42] => C:\Windows\SysWOW64\MPG4C32.dll [413760 2010-03-14] (Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.MP43] => C:\Windows\SysWOW64\MPG4C32.dll [413760 2010-03-14] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [182784 2018-03-25] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [182784 2018-03-25] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [159704 2018-03-25] (NVIDIA Corporation)
Startup: C:\Users\David Hynek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2017-04-14]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> D:\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{93BF77B4-A81A-4806-BBBE-08161FD849D2}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{E3A2F647-5D3A-4006-B51D-6E686C850E44}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\David Hynek\AppData\Roaming\Mozilla\Firefox\Profiles\3x5rgwnq.default-1458296225216 [2018-12-21]
FF Extension: (Avast SafePrice) - C:\Users\David Hynek\AppData\Roaming\Mozilla\Firefox\Profiles\3x5rgwnq.default-1458296225216\Extensions\sp@avast.com.xpi [2018-05-05]
FF Extension: (Avast Online Security) - C:\Users\David Hynek\AppData\Roaming\Mozilla\Firefox\Profiles\3x5rgwnq.default-1458296225216\Extensions\wrc@avast.com.xpi [2018-08-22]
FF Extension: (Adblock Plus) - C:\Users\David Hynek\AppData\Roaming\Mozilla\Firefox\Profiles\3x5rgwnq.default-1458296225216\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-08-22] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-08-22] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-1206595139-1558415813-2062055028-1001: @coreonline.com/run3d,version=1.0 -> C:\Users\David Hynek\AppData\LocalLow\Square Enix\nprun3d.dll [2012-09-14] (Square Enix)
FF Plugin HKU\S-1-5-21-1206595139-1558415813-2062055028-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\David Hynek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-04-27] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data\Default [2018-12-21]
CHR Extension: (BetterTTV) - C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2018-07-24]
CHR Extension: (Adblock Plus) - C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-04]
CHR Extension: (Tampermonkey) - C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-11-21]
CHR Extension: (Adobe Acrobat) - C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-07-15]
CHR Extension: (Avast Online Security) - C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-15]
CHR Extension: (Chrome Media Router) - C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-20]
CHR Profile: C:\Users\David Hynek\AppData\Local\Google\Chrome\User Data\System Profile [2018-07-15]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-12-20] (AVAST Software)
S4 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) [File not signed]
S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-12-20] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-11-15] ()
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-06-10] (EasyAntiCheat Ltd)
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [443872 2018-12-12] (Google Inc.)
U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-04-17] (Hi-Rez Studios) [File not signed]
S3 Microsoft Office Groove Audit Service; D:\Microsoft Office\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-10-17] ()
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [16768 2011-09-20] (ASUSTek Computer Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201240 2018-12-20] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230344 2018-12-20] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201768 2018-12-20] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346592 2018-12-20] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59496 2018-12-20] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239840 2018-12-20] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46384 2018-12-20] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2018-12-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163208 2018-12-20] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111800 2018-12-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87432 2018-12-20] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028680 2018-12-20] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469272 2018-12-20] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [208472 2018-12-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380464 2018-12-20] (AVAST Software)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-06-08] (Disc Soft Ltd)
S3 EasyAntiCheatSys; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys [842952 2018-06-10] (EasyAntiCheat Oy)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-16] (Qualcomm Atheros Co., Ltd.)
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-10-10] (Intel Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [315808 2018-03-25] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-09-19] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48064 2017-09-19] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [58816 2018-03-24] (NVIDIA Corporation)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32496 2431-09-15] (Synaptics Incorporated)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-17] ()
S3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2099-09-15 19:37 - 2431-09-15 19:37 - 000064624 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2099-09-15 19:37 - 2431-09-15 19:37 - 000032496 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2018-12-21 21:00 - 2018-12-21 21:03 - 000024595 _____ C:\Users\David Hynek\Desktop\FRST.txt
2018-12-21 21:00 - 2018-12-21 21:00 - 000000000 ____D C:\FRST
2018-12-21 20:58 - 2018-12-21 20:58 - 002420224 _____ (Farbar) C:\Users\David Hynek\Desktop\FRST64.exe
2018-12-21 20:10 - 2018-12-21 20:10 - 000002135 _____ C:\Users\Public\Desktop\Path of Exile.lnk
2018-12-21 20:10 - 2018-12-21 20:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grinding Gear Games
2018-12-21 20:10 - 2018-12-21 20:10 - 000000000 ____D C:\Program Files (x86)\Grinding Gear Games
2018-12-21 19:16 - 2018-12-21 19:16 - 013855024 _____ (Grinding Gear Games) C:\Users\David Hynek\Downloads\PathOfExileInstaller.exe
2018-12-21 18:59 - 2018-12-21 18:59 - 000000000 ___RD C:\Users\David Hynek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2018-12-21 18:50 - 2018-12-21 18:52 - 000000000 ____D C:\AdwCleaner
2018-12-21 18:49 - 2018-12-21 18:49 - 007320272 _____ (Malwarebytes) C:\Users\David Hynek\Desktop\adwcleaner_7.2.6.0.exe
2018-12-21 17:54 - 2018-12-21 17:54 - 001222144 _____ C:\Users\David Hynek\Downloads\RSITx64.exe
2018-12-21 17:54 - 2018-12-21 17:54 - 000000000 ____D C:\rsit
2018-12-21 17:53 - 2018-12-21 17:53 - 000048318 _____ C:\Users\David Hynek\Documents\cc_20181221_175324.reg
2018-12-21 17:50 - 2018-12-21 17:50 - 019299120 _____ (Piriform Software Ltd) C:\Users\David Hynek\Downloads\ccsetup551.exe
2018-12-21 14:04 - 2018-12-21 14:04 - 000085443 _____ C:\Users\David Hynek\Downloads\282807_hynek_david_20181220_vystupni_test_oboroveho_zakladu__ing__ezk.pdc
2018-12-21 12:31 - 2018-12-21 12:31 - 000192610 _____ C:\Users\David Hynek\Downloads\282250_zamitnuti_pk_hynek.pdf
2018-12-20 21:32 - 2018-12-20 21:31 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2018-12-20 21:31 - 2018-12-20 21:31 - 000378584 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-12-18 20:07 - 2018-12-18 20:07 - 003654130 _____ C:\Users\David Hynek\Downloads\elvui-10.84 (2).zip
2018-12-18 18:06 - 2018-12-18 18:06 - 000036984 _____ C:\Users\David Hynek\Downloads\[HorribleSubs] Radiant - 11 [720p].ass
2018-12-18 15:21 - 2018-12-18 15:21 - 000021427 _____ C:\Users\David Hynek\Downloads\[HorribleSubs] Black Clover - 63 [1080p].mkv.torrent
2018-12-17 22:53 - 2018-12-17 22:53 - 000039870 _____ C:\Users\David Hynek\Desktop\[HnS] Fairy Tail III - 11 (288).ass
2018-12-16 20:13 - 2018-12-16 20:15 - 000000000 ____D C:\Users\David Hynek\Documents\Path of Building
2018-12-16 20:12 - 2018-12-16 20:13 - 000000000 ____D C:\ProgramData\Path of Building
2018-12-16 20:12 - 2018-12-16 20:12 - 000001109 _____ C:\Users\Public\Desktop\Path of Building.lnk
2018-12-16 20:12 - 2018-12-16 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Path of Building
2018-12-16 20:12 - 2018-12-16 20:12 - 000000000 ____D C:\Program Files (x86)\Path of Building
2018-12-13 14:59 - 2018-12-13 15:00 - 003654130 _____ C:\Users\David Hynek\Downloads\elvui-10.84 (1).zip
2018-12-12 22:53 - 2018-12-12 22:53 - 000001278 _____ C:\Users\David Hynek\Desktop\Wow – zástupce.lnk
2018-12-12 22:48 - 2018-12-12 22:48 - 003654130 _____ C:\Users\David Hynek\Downloads\elvui-10.84.zip
2018-12-08 20:12 - 2018-12-09 12:53 - 000000000 ____D C:\Users\David Hynek\Desktop\petra
2018-11-30 20:40 - 2018-11-30 20:40 - 003651719 _____ C:\Users\David Hynek\Downloads\elvui-10.83.zip
2018-11-29 20:17 - 2018-11-30 12:24 - 000000000 ____D C:\Users\David Hynek\Downloads\FA data od otce

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-21 21:00 - 2018-05-05 14:49 - 000004550 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-12-21 21:00 - 2017-11-30 11:52 - 000003842 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-12-21 21:00 - 2017-07-01 15:36 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-21 21:00 - 2017-07-01 15:36 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-21 21:00 - 2015-05-03 10:44 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-12-21 21:00 - 2014-12-27 10:10 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-12-21 21:00 - 2013-06-19 18:57 - 000002756 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-12-21 20:44 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2018-12-21 20:33 - 2009-07-14 05:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-12-21 20:33 - 2009-07-14 05:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-12-21 20:10 - 2013-05-27 19:09 - 000000000 ____D C:\ProgramData\Package Cache
2018-12-21 19:01 - 2018-04-05 13:10 - 000000000 ____D C:\Users\David Hynek\AppData\Local\AVAST Software
2018-12-21 18:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-12-21 18:55 - 2018-10-29 14:27 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-12-21 18:55 - 2012-09-28 23:43 - 000000000 ____D C:\ProgramData\NVIDIA
2018-12-21 18:54 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-12-21 18:52 - 2014-10-10 14:42 - 000000000 ____D C:\Users\David Hynek\AppData\LocalLow\IObit
2018-12-21 18:52 - 2013-12-24 12:57 - 000000000 ____D C:\Users\David Hynek\AppData\Roaming\IObit
2018-12-21 18:52 - 2013-12-24 12:57 - 000000000 ____D C:\ProgramData\IObit
2018-12-21 17:54 - 2017-03-08 16:22 - 000000000 ____D C:\Program Files\trend micro
2018-12-21 17:52 - 2012-09-28 14:20 - 000000000 ____D C:\Users\David Hynek\AppData\Local\CrashDumps
2018-12-21 17:52 - 2012-09-27 11:50 - 000000000 ____D C:\Users\David Hynek\AppData\Roaming\uTorrent
2018-12-21 17:50 - 2013-06-19 18:57 - 000000618 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-12-21 17:49 - 2018-11-20 15:35 - 000233847 _____ C:\Users\David Hynek\Downloads\SavedInstances-master.zip
2018-12-21 15:46 - 2013-08-17 00:27 - 000000000 ____D C:\Users\David Hynek\AppData\Local\Battle.net
2018-12-20 23:27 - 2016-10-26 14:03 - 000000000 ____D C:\Users\David Hynek\AppData\Roaming\Curse Client
2018-12-20 21:41 - 2016-06-27 18:12 - 000000000 ____D C:\Users\David Hynek\AppData\Roaming\discord
2018-12-20 21:32 - 2018-01-06 22:54 - 000239840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-12-20 21:32 - 2017-02-20 15:43 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-12-20 21:31 - 2017-11-30 11:58 - 000201240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-12-20 21:31 - 2017-02-20 15:43 - 000346592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-12-20 21:31 - 2017-02-20 15:43 - 000230344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-12-20 21:31 - 2017-02-20 15:43 - 000201768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-12-20 21:31 - 2017-02-20 15:43 - 000059496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-12-20 21:31 - 2015-11-27 18:20 - 001028680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-12-20 21:31 - 2015-11-27 18:20 - 000469272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-12-20 21:31 - 2015-11-27 18:20 - 000380464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-12-20 21:31 - 2015-11-27 18:20 - 000208472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-12-20 21:31 - 2015-11-27 18:20 - 000163208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-12-20 21:31 - 2015-11-27 18:20 - 000111800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-12-20 21:31 - 2015-11-27 18:20 - 000087432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-12-20 21:31 - 2015-11-27 18:20 - 000046384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-12-18 16:21 - 2018-09-10 22:00 - 000000000 ____D C:\Users\David Hynek\AppData\Roaming\RaiderIO
2018-12-18 15:32 - 2018-05-11 11:56 - 000000000 ____D C:\Users\David Hynek\AppData\LocalLow\uTorrent
2018-12-18 13:46 - 2017-07-01 15:37 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-17 19:04 - 2018-01-02 15:26 - 000000014 _____ C:\Users\David Hynek\Desktop\TO-DO Diplomka.txt
2018-12-17 18:50 - 2016-04-03 19:34 - 000000000 ____D C:\Users\David Hynek\Documents\VŠEMIng - update prosinec
2018-12-17 18:50 - 2011-02-19 06:36 - 000680576 _____ C:\Windows\system32\perfh005.dat
2018-12-17 18:50 - 2011-02-19 06:36 - 000145542 _____ C:\Windows\system32\perfc005.dat
2018-12-17 18:50 - 2009-07-14 06:13 - 001615516 _____ C:\Windows\system32\PerfStringBackup.INI
2018-12-16 12:46 - 2009-07-14 06:08 - 000032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-12-11 16:36 - 2015-11-21 16:57 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-12-10 10:24 - 2016-04-16 23:18 - 000000000 ____D C:\TradeSkillMaster Application
2018-11-22 21:17 - 2018-04-05 13:11 - 000002431 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk

==================== Files in the root of some directories =======

2013-06-19 21:18 - 2014-04-11 12:38 - 000000096 _____ () C:\Users\David Hynek\AppData\Roaming\Camdata.ini
2013-06-19 21:18 - 2014-04-11 12:38 - 000000408 _____ () C:\Users\David Hynek\AppData\Roaming\CamLayout.ini
2013-06-19 21:18 - 2014-04-11 12:38 - 000000408 _____ () C:\Users\David Hynek\AppData\Roaming\CamShapes.ini
2013-06-19 21:18 - 2014-04-11 12:38 - 000004520 _____ () C:\Users\David Hynek\AppData\Roaming\CamStudio.cfg
2013-06-19 21:19 - 2013-06-19 21:19 - 000000098 _____ () C:\Users\David Hynek\AppData\Roaming\CamStudio.Producer.command
2013-06-19 21:19 - 2013-06-19 21:19 - 000000000 _____ () C:\Users\David Hynek\AppData\Roaming\CamStudio.Producer.Data.ini
2013-06-19 21:19 - 2013-06-19 21:19 - 000001206 _____ () C:\Users\David Hynek\AppData\Roaming\CamStudio.Producer.ini
2013-04-02 17:04 - 2013-04-02 17:04 - 000000219 _____ () C:\Users\David Hynek\AppData\Roaming\DAVIDHYNEK-PC.MTBF.txt
2016-02-09 16:24 - 2017-04-18 16:04 - 000099384 _____ () C:\Users\David Hynek\AppData\Roaming\inst.exe
2013-05-28 12:25 - 2017-04-18 16:04 - 000007859 _____ () C:\Users\David Hynek\AppData\Roaming\pcouffin.cat
2013-05-28 12:25 - 2017-04-18 16:04 - 000001167 _____ () C:\Users\David Hynek\AppData\Roaming\pcouffin.inf
2013-05-28 12:25 - 2017-04-18 16:04 - 000000055 _____ () C:\Users\David Hynek\AppData\Roaming\pcouffin.log
2013-05-28 12:25 - 2017-04-18 16:04 - 000082816 _____ (VSO Software) C:\Users\David Hynek\AppData\Roaming\pcouffin.sys
2013-04-02 17:05 - 2013-04-02 17:31 - 000000668 _____ () C:\Users\David Hynek\AppData\Roaming\__AvidCloudManager.log
2013-04-02 17:05 - 2013-04-02 17:26 - 000001094 _____ () C:\Users\David Hynek\AppData\Roaming\__AvidCloudManagerPrevious.log
2013-04-26 14:24 - 2013-04-26 14:24 - 000000058 _____ () C:\Users\David Hynek\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2012-10-11 23:51 - 2018-05-26 15:26 - 000007603 _____ () C:\Users\David Hynek\AppData\Local\Resmon.ResmonCfg
2012-10-30 17:13 - 2013-03-04 23:45 - 000000139 _____ () C:\Users\David Hynek\AppData\Local\SRDownloader.err
2012-10-30 17:13 - 2013-03-05 00:04 - 000001128 _____ () C:\Users\David Hynek\AppData\Local\SRDownloader.nast

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-12-14 18:37

==================== End of FRST.txt ============================

Re: Prosím o kontrolku

Napsal: 21 pro 2018 21:09
od Simicek
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.12.2018
Ran by David Hynek (21-12-2018 21:04:16)
Running from C:\Users\David Hynek\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-09-26 16:20:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1206595139-1558415813-2062055028-500 - Administrator - Disabled)
David Hynek (S-1-5-21-1206595139-1558415813-2062055028-1001 - Administrator - Enabled) => C:\Users\David Hynek
Guest (S-1-5-21-1206595139-1558415813-2062055028-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (HKLM-x32\...\{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (HKLM-x32\...\{2720009D-9566-45A7-A370-0E6DAC313F3F}) (Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis (HKLM-x32\...\{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}) (Version: 15.4.5722.2 - Microsoft Corporation)
„Windows Live Messenger“ (HKLM-x32\...\{122800FE-3AAF-4974-9FBD-54B023FA756A}) (Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (HKLM-x32\...\{C877E454-FA36-409A-A00E-1240CEC61BBD}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
µTorrent (HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\uTorrent) (Version: 3.5.4.44846 - BitTorrent Inc.)
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20064 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.159 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Aktualizace NVIDIA 28.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 28.0.0.0 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Alcor Micro USB Card Reader (HKLM-x32\...\{4555BB9E-E715-4260-A178-E8EFD2B653E3}) (Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Ashampoo Burning Studio 2016 v.16.0.0 (HKLM-x32\...\{91B33C97-B4A4-B41A-6B97-C62C82CEB6A9}_is1) (Version: 16.0.0 - Ashampoo GmbH & Co. KG)
AsMakeLink (HKLM\...\AsMakeLink) (Version: - )
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.2.0 - Asmedia Technology)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.4 - ASUS)
ASUS Video Magic (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4710 - CyberLink Corp.) Hidden
ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4710 - CyberLink Corp.)
AsusScr_N5_En (HKLM-x32\...\AsusScr_N5_En) (Version: 1.0.0001 - ASUS)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.8.8 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0014 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 70.0.917.102 - AVAST Software)
Balíček ovladače systému Windows - Qualcomm Atheros Communications Inc. (athr) Net (03/11/2013 10.0.0.234) (HKLM\...\9F26BE7C257739D7488254A1B5CBFE820E44E902) (Version: 03/11/2013 10.0.0.234 - Qualcomm Atheros Communications Inc.)
Balíček ovladače systému Windows - Qualcomm Atheros Communications Inc. Net (03/11/2013 10.0.0.234) (HKLM\...\99C882A44FD971DC797FE21420A3099DECE89966) (Version: 03/11/2013 10.0.0.234 - Qualcomm Atheros Communications Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bloody5 (HKLM-x32\...\Bloody3) (Version: 15.06.0005 - Bloody)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Counter-Strike(TM) (HKLM-x32\...\{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}) (Version: 1.0.0.0 - Valve)
CPUID HWMonitor 1.31 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4319 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Discord (HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Eurobattle.net (HKLM-x32\...\Eurobattle.net1.26a) (Version: 1.26a - Eurobattle.net)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
ICQ (verze 10.0.12341) (HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\icq.desktop) (Version: 10.0.12341 - ICQ)
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{2ABA2E8D-23CF-418F-BC8F-2EC99FA51A3F}) (Version: 1.2.1.0608 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.400.4 - Intel)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrola Windows Live Mesh ActiveX za daljinske veze (HKLM-x32\...\{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}) (Version: 15.4.5722.2 - Microsoft Corporation)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lizard Safeguard - PDF Viewer 2.6.34 (HKLM-x32\...\Lizard Safeguard - PDF Viewer_is1) (Version: - )
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Miranda IM 0.10.78 (HKLM-x32\...\Miranda IM) (Version: 0.10.78 - Miranda IM Project)
Mozilla Firefox 59.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.3 (x64 en-US)) (Version: 59.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 58.0.2.6611 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NBA 2K13 (HKLM-x32\...\{D96B6543-A0C0-4351-AF96-73DEF1DD6820}) (Version: 1.0.0 - 2K Sports)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
NVIDIA GeForce Experience 3.9.0.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.97 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
One Piece Pirate Warriors 3: GOLD Edition (HKLM-x32\...\One Piece Pirate Warriors 3: GOLD Edition_is1) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Ovládací panel NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Path of Building version 1.4.117 (HKLM-x32\...\{72FA9AB7-189F-4BDE-8856-72DEB90C157B}_is1) (Version: 1.4.117 - Openarl)
Path of Exile (HKLM-x32\...\{39c1f3b1-f15e-44a7-9af5-a3a7a4553ba9}) (Version: 3.5.1.48784 - Grinding Gear Games)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 3.5.1.48784 - Grinding Gear Games) Hidden
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
RaiderIO 1.1.2 (HKLM\...\ea53c16d-4ef5-533f-83dc-5b0c5bb40cb2) (Version: 1.1.2 - jah@raider.io)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Shotty - Tiny but impressive screenshot utility (HKLM\...\2e730c18-03e8-4d1d-8fc2-0ee3ea04a765) (Version: 2.0.2.216 - Thomas Baumann)
Spotify (HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\Spotify) (Version: 1.0.90.268.ga8a0ceb4 - Spotify AB)
Square Enix Secure Launcher (HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\Square Enix Secure Launcher) (Version: 1.0.0.108 - Square Enix)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.6.0 - Synaptics Incorporated)
System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group)
System Requirements Lab (HKLM-x32\...\{FEE1F166-EAE4-4C4B-8988-D82521F9F63F}) (Version: 6.1.5.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{17922DDF-5AF1-42DF-82A3-564EA4BBAE36}) (Version: 6.1.6.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.26558 - TeamViewer)
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
Unity Web Player (HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\UnityWebPlayer) (Version: 4.6.5f1 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 20.0 - Ubisoft)
Urban Rivals version 5.5 (HKLM-x32\...\{515A2CF3-B276-4071-9A32-D0030E4D6E66}_is1) (Version: 5.5 - Acute Games)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\Warcraft III) (Version: - )
Warcraft Logs Uploader (HKLM-x32\...\{62F108EB-F822-DAE9-1EA9-AC8B8683ECB2}) (Version: 5.28 - UNKNOWN) Hidden
Warcraft Logs Uploader (HKLM-x32\...\com.warcraft.logs) (Version: 5.28 - UNKNOWN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX kontrola za daljinske veze (HKLM-x32\...\{8985AE5E-622A-4980-8BF8-0A1830643220}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem (HKLM-x32\...\{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-i juhtelement kaugühendustele (HKLM-x32\...\{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.32.0 - ASUS)
WinRAR 5.60 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Beta (HKLM-x32\...\World of Warcraft Beta) (Version: - Blizzard Entertainment)
World of Warcraft Public Test (HKLM-x32\...\World of Warcraft Public Test) (Version: - Blizzard Entertainment)
X-Mouse Button Control 2.13.1 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.13.1 - Highresolution Enterprises)
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1206595139-1558415813-2062055028-1001_Classes\CLSID\{1a365a64-acdc-415e-8846-b38187744dce}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-12-20] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-12-20] (AVAST Software)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2011-03-13] (Atheros Commnucations)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-12-20] (AVAST Software)
ContextMenuHandlers1: [BTMSentToExt] -> {0A7D34C2-E9DA-48A1-9E34-0CDFC2DE3B44} => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-10-18] (Intel Corporation)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\WinRAR\rarext64.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-12-20] (AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2011-03-13] (Atheros Commnucations)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-06-01] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-12-20] (AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\WinRAR\rarext64.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {230A1210-28C0-4B95-99FA-BA4451CE2044} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)
Task: {23F4690B-5B5C-4366-99DE-248567757902} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {2A5BB3FE-6EF7-4923-866A-040752FAB6D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-01] (Google Inc.)
Task: {2B5BA152-1013-4D59-8C97-BF5C4FD6ACA5} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {2E7630F3-8CC3-4E0B-89B4-817CBEDF52F9} - System32\Tasks\{E13A5D63-5173-41FC-9CB8-2AC152375160} => C:\Program Files (x86)\Skype\Phone\Skype.exe
Task: {30C37B26-BE9A-4E52-8033-C91BD13D2ECC} - System32\Tasks\{4B0ED2CF-260B-4243-9922-9D10409ED05A} => D:\Cata\Cata.exe
Task: {3E4FA5AD-486A-43AC-B747-978288CE8F94} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-07-22] (ASUS)
Task: {4022E5F5-9B56-4A80-9840-D40C80B3C65F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-12-20] (AVAST Software)
Task: {5068DF17-B360-4664-97DB-413505068493} - System32\Tasks\{4C9E7814-85E0-46FD-A3FA-AC88DB63AF4D} => D:\World of Warcraft\PandashanLauncher.exe
Task: {5F2A7E23-BDA3-4033-AF49-307E36B75948} - System32\Tasks\{3BE2355E-E9A1-4F87-B3AB-E0997C143308} => C:\Windows\system32\pcalua.exe -a "D:\Tony Hawks Pro Skater HD\redist\vcredist_x86.exe" -d "D:\Tony Hawks Pro Skater HD\redist"
Task: {64C09F54-0A9B-4792-91FF-F82562DB4B50} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-10-28] (AVAST Software)
Task: {6B48C0DA-1DEC-4797-883A-65EB6DEAC6B6} - System32\Tasks\{7C5DB924-5773-46D0-8104-270422FD976D} => C:\Program Files (x86)\Skype\Phone\Skype.exe
Task: {6DC4956D-7AA0-43DC-B403-B0FC7BE44020} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
Task: {73A2372B-EF44-4882-B797-6276746FCE21} - System32\Tasks\{A57794C3-074C-42C8-8E54-3C4C2B4C9CBC} => C:\Windows\system32\pcalua.exe -a "D:\Steam\steamapps\common\Left 4 Dead 2\bin\addoninstaller.exe" -d "D:\Steam\steamapps\common\Left 4 Dead 2" -c /register
Task: {743B440A-29B1-4F7E-9074-299C8DBCB787} - System32\Tasks\{E0DFF7C1-CD92-48A5-A76D-0544801851B2} => D:\World of Warcraft\PandashanLauncher.exe
Task: {7825104E-7BC4-427D-9A4D-9D7B87322052} - System32\Tasks\SafeZone scheduled Autoupdate 1451238072 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {7A3C55A2-F9F4-40C9-A3E5-3ABB59BAB7D2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
Task: {7E73BE76-AAD0-4B6A-82E0-359F5B37CD9B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-09-19] (NVIDIA Corporation)
Task: {831C4429-0229-4225-B6EE-8080EDDE7488} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-09-19] (NVIDIA Corporation)
Task: {98FBA9F6-FED2-4556-879C-647C13A76E26} - System32\Tasks\{8B295764-4E2C-455F-BA43-5C73D460FD5E} => D:\Steam\Steam.exe [2018-11-26] (Valve Corporation)
Task: {991F9792-95FF-4484-ADC3-8A79C92E0F57} - System32\Tasks\{C2A36E6E-496D-4079-892B-50F051B6CB51} => D:\WoW Cata\Wow.exe
Task: {9A022BEC-2299-4544-B063-49CFBA253B31} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-01] (Google Inc.)
Task: {A5BD04B0-CC27-4D02-B86D-11B002FDB5E7} - System32\Tasks\{3EB5F546-57A4-433C-BFCF-C1F4FF6391CA} => D:\Steam\Steam.exe [2018-11-26] (Valve Corporation)
Task: {AE91D09A-C626-4484-BBFD-88333C1661F3} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)
Task: {B050B86A-8441-41D2-AE49-A285912EB088} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-09-19] (NVIDIA Corporation)
Task: {B18A5A97-ECB9-4AF6-9F08-D57322FE5774} - System32\Tasks\CCleanerSkipUAC => C:\CCleaner\CCleaner.exe [2018-12-10] (Piriform Software Ltd)
Task: {B7A44BB9-D58D-458D-AC01-7BACC27D66D0} - System32\Tasks\{638FF75C-0CE8-441F-BEC8-BF9555DD423D} => C:\Windows\system32\pcalua.exe -a C:\Avastantivir\aswRunDll.exe -c "C:\Avastantivir\Setup\setiface.dll" RunSetup
Task: {BD315831-CD4C-46B8-B67E-A0C31919AB4A} - System32\Tasks\{F9CE0497-3BC9-4BF4-9875-9E52B8897540} => C:\WoW Cata\Wow.exe [2013-09-26] (Blizzard Entertainment)
Task: {BD79AC6E-ACC1-4A40-9333-F1B04F6D17DD} - System32\Tasks\USBChargerPlus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2011-09-20] (ASUSTek Computer Inc.)
Task: {C05322F6-5B11-4703-9B8C-89B12007837A} - System32\Tasks\CCleaner Update => C:\CCleaner\CCUpdate.exe [2018-12-10] (Piriform Ltd)
Task: {C621563B-E9DE-4788-948B-98AF0AA92252} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-08-22] (Adobe Systems Incorporated)
Task: {C6753486-24CE-4DF0-B261-D203FEC368C1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {C6AA8076-DF90-48FA-958A-46EDEB4315D3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-22] (Adobe Systems Incorporated)
Task: {C6CC5C24-D047-41CF-A884-4031ED12D086} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {CB48A483-B899-491F-BA65-CAF22AC44CC0} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_159_pepper.exe [2017-10-10] (Adobe Systems Incorporated)
Task: {CF2D979D-3A33-43EA-A152-F73E3EA8902D} - System32\Tasks\{A5BE9FBF-B10A-4567-B881-9A805252C90C} => D:\WoW Cata\Wow.exe
Task: {D1F09E06-2DFB-449D-A7FD-FE5A232CF8E3} - System32\Tasks\{37498FC8-1BCE-4565-821D-D5B1520D8148} => D:\Heroes of the Storm\Heroes of the Storm.exe [2018-09-27] (Blizzard Entertainment)
Task: {DE231C24-B141-4C63-B5DB-3BA051E2C151} - System32\Tasks\{358FBDFC-3F07-4827-88C6-66E8A855B6E7} => D:\Overwolf\OverwolfLauncher.exe
Task: {DFE1BEF2-2CA1-41F9-98D2-DA3155F80E02} - System32\Tasks\{6CFBCDD2-220F-4DE5-82B3-730A1C967817} => D:\World of Warcraft\PandashanLauncher.exe
Task: {E248A12C-F694-4025-9329-FE4924AA3379} - System32\Tasks\{78E95B85-BAAF-40BB-BCF5-0587C7344E46} => D:\Cata\Cata.exe
Task: {E5DA68EB-FC10-4320-B142-87405BD52A4F} - System32\Tasks\{125F7D28-1209-4A2D-A3EA-ECD570ECE3E3} => D:\Heroes of the Storm\Heroes of the Storm.exe [2018-09-27] (Blizzard Entertainment)
Task: {E8D7B1F4-462F-4F09-9DED-4BF49265E662} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-19] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\David Hynek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) ==============

2017-04-21 22:15 - 2017-09-19 08:23 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-05-28 16:04 - 2018-03-24 02:13 - 000544192 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2012-10-16 20:52 - 2012-10-17 21:50 - 000076888 ____N () C:\Windows\SysWOW64\PnkBstrA.exe
2017-04-21 16:34 - 2018-03-24 00:02 - 000135136 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-12-20 21:31 - 2018-12-20 21:31 - 000728792 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2011-12-01 03:17 - 2011-05-05 13:30 - 000057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2011-12-01 03:15 - 2015-06-01 21:00 - 000102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2018-12-10 11:09 - 2018-12-10 11:09 - 000093648 _____ () C:\CCleaner\lang\lang-1029.dll
2018-12-18 13:46 - 2018-12-12 06:12 - 002682336 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\swiftshader\libglesv2.dll
2018-12-18 13:46 - 2018-12-12 06:12 - 000156640 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\swiftshader\libegl.dll
2018-12-20 23:49 - 2018-12-20 23:49 - 025333360 _____ () C:\Program Files (x86)\Grinding Gear Games\Path of Exile\PathOfExile.exe
2018-12-20 21:31 - 2018-12-20 21:31 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-12-20 21:31 - 2018-12-20 21:31 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-12-20 21:31 - 2018-12-20 21:31 - 000496344 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-12-20 21:31 - 2018-12-20 21:31 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-12-20 21:31 - 2018-12-20 21:31 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-12-21 18:57 - 2018-12-21 18:57 - 005734544 _____ () C:\Program Files\AVAST Software\Avast\defs\18122106\algo.dll
2018-03-18 17:43 - 2018-03-18 17:43 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2010-08-20 18:57 - 2010-08-20 18:57 - 000619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-20 18:57 - 2010-08-20 18:57 - 000013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2018-07-20 12:32 - 2018-04-30 22:01 - 001891672 _____ () C:\Users\David Hynek\AppData\Local\Discord\app-0.0.301\ffmpeg.dll
2018-05-01 18:43 - 2018-12-19 13:45 - 011328856 _____ () \\?\C:\Users\David Hynek\AppData\Roaming\discord\0.0.301\modules\discord_voice\discord_voice.node
2018-05-01 18:43 - 2018-11-16 12:19 - 001639256 _____ () \\?\C:\Users\David Hynek\AppData\Roaming\discord\0.0.301\modules\discord_utils\discord_utils.node
2018-05-01 18:43 - 2018-05-01 18:43 - 000512856 _____ () \\?\C:\Users\David Hynek\AppData\Roaming\discord\0.0.301\modules\discord_erlpack\discord_erlpack.node
2018-05-01 18:43 - 2018-12-19 13:45 - 001658712 _____ () \\?\C:\Users\David Hynek\AppData\Roaming\discord\0.0.301\modules\discord_game_utils\discord_game_utils.node
2018-10-01 11:31 - 2018-10-10 11:10 - 009621848 _____ () \\?\C:\Users\David Hynek\AppData\Roaming\discord\0.0.301\modules\discord_cloudsync\discord_cloudsync.node
2018-05-01 18:43 - 2018-05-01 18:43 - 002722648 _____ () \\?\C:\Users\David Hynek\AppData\Roaming\discord\0.0.301\modules\discord_rpc\discord_rpc.node
2018-08-11 12:23 - 2018-12-13 14:47 - 001261400 _____ () \\?\C:\Users\David Hynek\AppData\Roaming\discord\0.0.301\modules\discord_modules\discord_modules.node
2018-08-11 12:23 - 2018-12-11 12:54 - 021991256 _____ () \\?\C:\Users\David Hynek\AppData\Roaming\discord\0.0.301\modules\discord_dispatch\discord_dispatch.node
2018-05-01 18:44 - 2018-05-01 18:44 - 002760536 _____ () \\?\C:\Users\David Hynek\AppData\Roaming\discord\0.0.301\modules\discord_contact_import\discord_contact_import.node
2018-05-01 18:44 - 2018-05-01 18:44 - 001249112 _____ () \\?\C:\Users\David Hynek\AppData\Roaming\discord\0.0.301\modules\discord_vigilante\discord_vigilante.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\download.microsoft.com -> hxxp://download.microsoft.com
IE trusted site: HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\microsoft.com -> hxxp://update.microsoft.com
IE trusted site: HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\microsoft.com -> hxxps://update.microsoft.com
IE trusted site: HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\update.microsoft.com -> hxxp://update.microsoft.com
IE trusted site: HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\update.microsoft.com -> hxxps://update.microsoft.com
IE trusted site: HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\windowsupdate.com -> hxxp://windowsupdate.com
IE trusted site: HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\...\windowsupdate.microsoft.com -> hxxp://windowsupdate.microsoft.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2018-12-21 17:54 - 000000043 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1206595139-1558415813-2062055028-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\David Hynek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AFBAgent => 2
MSCONFIG\Services: ASLDRService => 2
MSCONFIG\Services: ASUS InstantOn => 2
MSCONFIG\Services: Atheros Bt&Wlan Coex Agent => 2
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: ATKGFNEXSrv => 2
MSCONFIG\Services: Bluetooth Device Monitor => 2
MSCONFIG\Services: Bluetooth Media Service => 3
MSCONFIG\Services: Bluetooth OBEX Service => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: FirebirdServerMAGIXInstance => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: OverwolfUpdater => 3
MSCONFIG\Services: Splashtop MDES => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SystemExplorerHelpService => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: TurboBoost => 2
MSCONFIG\Services: UNS => 2

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{B2C06E74-4EE6-4620-A820-0CE6B0D4985C}C:\utorrent\utorrent.exe] => (Allow) C:\utorrent\utorrent.exe
FirewallRules: [UDP Query User{64C542EC-B6E9-46F5-A0B5-CFA65D313E00}C:\utorrent\utorrent.exe] => (Allow) C:\utorrent\utorrent.exe
FirewallRules: [TCP Query User{5FEFC943-4D2C-42C2-B5C0-81FA49AEB1C5}D:\warcraft iii\gproxy.exe] => (Allow) D:\warcraft iii\gproxy.exe
FirewallRules: [UDP Query User{244950D2-EE2A-4BF1-8447-705668275591}D:\warcraft iii\gproxy.exe] => (Allow) D:\warcraft iii\gproxy.exe
FirewallRules: [TCP Query User{6423847A-CBA7-4130-B124-9ED68D93DB07}D:\warcraft iii\war3.exe] => (Allow) D:\warcraft iii\war3.exe
FirewallRules: [UDP Query User{8B6F3209-0F52-4ACD-9AE0-EA02E0BFEEF9}D:\warcraft iii\war3.exe] => (Allow) D:\warcraft iii\war3.exe
FirewallRules: [TCP Query User{3C485705-B9EA-4433-AA1F-D5FBC72173B2}C:\utorrent\utorrent.exe] => (Allow) C:\utorrent\utorrent.exe
FirewallRules: [UDP Query User{A7A977DA-D049-4F93-80A4-95F68B4A1757}C:\utorrent\utorrent.exe] => (Allow) C:\utorrent\utorrent.exe
FirewallRules: [{C39BDB0E-D4B0-48B7-BF41-37F7DA32853A}] => (Allow) D:\Battle.net\Battle.net.exe
FirewallRules: [{ACE3B969-80C7-4C66-86B9-BDBE201FB36A}] => (Allow) D:\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{0422D665-4F76-43A7-9552-4CBCB6308ADD}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe
FirewallRules: [UDP Query User{8DD431DB-E179-41DA-8B81-87571307BF08}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe
FirewallRules: [{DE7BC07F-3603-4C25-9949-44A1D22FDBD6}] => (Allow) D:\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{006F2753-A6D0-44A5-9093-09A4052A5ECD}] => (Allow) D:\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{18D826FB-4DA0-455A-A423-BF46276C0966}] => (Allow) D:\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{5F39A688-4B3D-455D-8C39-6F4A823BFF33}] => (Allow) D:\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{75B28E90-4DBF-43AC-B29B-26132517BA98}] => (Allow) D:\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{33FBD337-6BEB-4ADF-BB48-CAD6CFD451D0}] => (Allow) D:\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{F351F728-8A29-4EDE-9858-0C34BF410684}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{CC6DC607-A974-41A6-A82F-B842AC1EC527}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{453022D1-A751-4753-A6E0-4BB71D20B22C}] => (Allow) C:\Users\David Hynek\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{986D487A-281D-4F90-988C-969127D59699}] => (Allow) C:\Users\David Hynek\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{4287B184-8E11-4AFD-B6D1-2B6920D562F7}C:\users\david hynek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\david hynek\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5152FF75-503F-4953-A2FF-C47CD1B66177}C:\users\david hynek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\david hynek\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{1E73A923-5AD5-4DCC-9091-C8E4EFC8A60B}C:\users\david hynek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\david hynek\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{1DC609B2-9A4B-42AD-A86D-64736EA08BD1}C:\users\david hynek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\david hynek\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{CE0DC009-D814-4B6E-BB9F-CA4237E40EC7}C:\users\david hynek\appdata\roaming\utorrent\updates\3.4.5_41865.exe] => (Allow) C:\users\david hynek\appdata\roaming\utorrent\updates\3.4.5_41865.exe
FirewallRules: [UDP Query User{8E8C52EF-F617-4A2A-B617-78D99E223C1B}C:\users\david hynek\appdata\roaming\utorrent\updates\3.4.5_41865.exe] => (Allow) C:\users\david hynek\appdata\roaming\utorrent\updates\3.4.5_41865.exe
FirewallRules: [{3192F993-BBF1-415A-A712-F28335B14559}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B8E9886B-53CE-45B3-8CEC-E49E9DEF33A1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{A4FBE12B-0EE7-4439-BB45-758915B9A3EF}C:\miranda im\miranda64.exe] => (Allow) C:\miranda im\miranda64.exe
FirewallRules: [UDP Query User{716C41D4-C86E-4572-9E19-D3DF6F00FB88}C:\miranda im\miranda64.exe] => (Allow) C:\miranda im\miranda64.exe
FirewallRules: [TCP Query User{4FD0FAB5-812B-4CAE-92CF-A9D85FBFE1D5}C:\miranda im\miranda64.exe] => (Allow) C:\miranda im\miranda64.exe
FirewallRules: [UDP Query User{A1B08C12-5C69-4ECB-9E87-6745EF88BF84}C:\miranda im\miranda64.exe] => (Allow) C:\miranda im\miranda64.exe
FirewallRules: [TCP Query User{31F6F01B-E943-43B6-A9D6-EEE7520446C6}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [UDP Query User{9F61B029-AA7B-4FC2-8CCF-475487D7F740}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [{6ACB9B96-457E-45C5-B142-80521B40FB84}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{8FA55DF6-4C50-45FC-9974-F2E842C75B81}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{09FEB203-C250-4C9C-BD06-EEBAD2C91D56}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4682E362-7259-41DA-BD7E-91A72CB0D72F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{B7BC3F3C-0D4D-4041-AA28-D9E8F4528C04}D:\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{53CC15D9-A8FF-4CF9-A1B1-87C6D8864184}D:\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [{BA122A1D-B7FE-4A7D-96ED-4351B1B98988}] => (Allow) D:\Microsoft Office\Office12\outlook.exe
FirewallRules: [{EA7F5342-7752-40A0-850B-EA888E632A6C}] => (Allow) D:\Microsoft Office\Office12\GROOVE.EXE
FirewallRules: [{02F412C9-F434-41E0-9A5D-65BA317FFD1A}] => (Allow) D:\Microsoft Office\Office12\GROOVE.EXE
FirewallRules: [{931FA000-DCDB-4BD0-BE34-0219DBB63620}] => (Allow) D:\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{C11E73E9-BF0C-4CEF-87C8-A72B5CC1435B}] => (Allow) D:\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{98687D95-11F4-4523-9E07-AA624F450565}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{B9F72AB0-4D86-42AD-B850-D7E85396019B}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [TCP Query User{2D1030A1-7F31-4CC0-93F6-9E525A23BFFA}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{93A403D7-B8AD-43FB-A9F0-81023EAE845C}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe
FirewallRules: [{B75FB474-7C73-4E29-AFD2-8D9FB0CFF056}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{1A518CAD-DF24-4EBA-9CF0-9E8DF73E5E0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{62E5A69C-B7CD-4C2C-B462-ED512D88BEF4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B13F4CA1-DA18-489C-87EB-828E65F0281E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2AF00D15-D27A-4582-9E32-D21BF20A1CD9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{F63C58A9-C3C3-484E-B95A-174DB2943B7B}C:\miranda im\miranda32.exe] => (Allow) C:\miranda im\miranda32.exe
FirewallRules: [UDP Query User{0C84AB98-FD02-49EC-9BD7-814AB4A6C4B1}C:\miranda im\miranda32.exe] => (Allow) C:\miranda im\miranda32.exe
FirewallRules: [TCP Query User{D6D94AF9-2B16-4F20-AED1-62BE657966D3}C:\miranda im\miranda32.exe] => (Allow) C:\miranda im\miranda32.exe
FirewallRules: [UDP Query User{932B06D8-ADD5-499D-904C-26A40F7B92AE}C:\miranda im\miranda32.exe] => (Allow) C:\miranda im\miranda32.exe
FirewallRules: [{F035CB8D-6168-480D-BC0F-749243F21862}] => (Allow) C:\CCleaner\CCUpdate.exe
FirewallRules: [{F6A6BFDF-83EF-41F3-89C8-7F6B320265B0}] => (Allow) C:\CCleaner\CCUpdate.exe
FirewallRules: [TCP Query User{69B7CD2A-B4E4-41AD-9191-B0223C7EF525}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [UDP Query User{487742AD-B523-485A-ADD8-6738E462C0A0}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [TCP Query User{6090E7FF-8D61-4B29-90C3-0E6007B09C94}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{283430AA-9338-4639-80A2-4DDDCF91A249}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe
FirewallRules: [{D0A78340-B903-4D64-9923-0E02D71D8E24}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{3143C796-859E-40E0-9733-DCB1EF26CC0A}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{0CD5D677-446B-472D-96AB-5BF11981456C}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{81862C53-F493-4D4F-9CC0-B56028CBDE5F}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{8D4469E3-2E80-486B-A9D0-841E7ECAF97B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6C128722-BDBD-4780-9515-FFC0481BBD1A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E228F37C-ED52-4252-A979-482EA8214F59}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{AFA2F06A-F237-4B06-9256-9677BED2C506}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{7F2F7F85-EDA2-4321-8669-567ED22AE381}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{042F1FF8-C516-41B6-A1D7-654FD4E44004}] => (Allow) D:\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{46366EF4-D9A3-4214-95A2-8975C8D69B40}] => (Allow) D:\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{6984D478-B789-4B9B-B742-D32954645191}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A1A6A94C-9D9B-4D41-82BD-ABE56D43F545}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{3059636E-54C7-4733-991F-8889DAF0C542}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{F0306F3B-EDD6-4A87-870E-7A483A95C2F5}] => (Allow) C:\CCleaner\CCUpdate.exe
FirewallRules: [{A99BBADB-667F-4414-BB05-F92FEEC1BDB4}] => (Allow) C:\CCleaner\CCUpdate.exe

==================== Restore Points =========================

10-12-2018 11:36:07 Naplánovaný kontrolní bod
18-12-2018 14:12:24 Naplánovaný kontrolní bod
21-12-2018 20:09:32 Path of Exile
21-12-2018 20:11:01 Nainstalováno rozhraní DirectX

==================== Faulty Device Manager Devices =============

Name: Bluetooth Server
Description: Bluetooth Server
Class Guid: {34446e8e-37b4-4b16-9da6-bea2db33465a}
Manufacturer: Intel Corporation
Service: btmaux
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/21/2018 08:18:08 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (12/21/2018 07:15:17 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (12/21/2018 07:02:24 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/21/2018 07:02:24 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/21/2018 07:02:24 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/21/2018 07:02:24 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)

Error: (12/21/2018 07:01:56 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/21/2018 07:01:41 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800) (0xc0041800)


System errors:
=============
Error: (12/21/2018 07:02:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (12/21/2018 07:02:24 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-1073473535, specifickou pro službu.

Error: (12/21/2018 07:01:40 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Search přestala během spouštění reagovat.

Error: (12/21/2018 06:52:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Hi-Rez Studios Authenticate and Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/21/2018 06:52:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (12/21/2018 06:52:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (12/21/2018 06:52:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/21/2018 06:52:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.


Windows Defender:
===================================
Date: 2015-03-04 22:18:20.020
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2015-03-04 22:10:18.374
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2015-03-04 21:48:47.081
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

CodeIntegrity:
===================================

Date: 2015-03-13 09:54:07.920
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-03-13 09:54:07.732
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-03-13 09:51:33.857
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-03-13 09:51:33.701
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-03-13 09:48:59.511
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-03-13 09:48:59.355
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-03-13 09:40:41.036
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-03-13 09:40:40.865
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 56%
Total physical RAM: 6048.05 MB
Available physical RAM: 2639.86 MB
Total Virtual: 12094.29 MB
Available Virtual: 7922.89 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:300 GB) (Free:132.93 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:373.64 GB) (Free:102.49 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 5BE4A3F9)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=300 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=373.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Re: Prosím o kontrolku

Napsal: 21 pro 2018 21:38
od Diallix
Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 




Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.

Re: Prosím o kontrolku

Napsal: 21 pro 2018 21:42
od Simicek
Fix result of Farbar Recovery Scan Tool (x64) Version: 20.12.2018
Ran by David Hynek (21-12-2018 21:42:09) Run:1
Running from C:\Users\David Hynek\Desktop
Loaded Profiles: David Hynek (Available Profiles: David Hynek)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
*****************

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully

==== End of Fixlog 21:42:09 ====

Re: Prosím o kontrolku

Napsal: 21 pro 2018 21:49
od Diallix
Ako je na tom pocitac?

Re: Prosím o kontrolku

Napsal: 21 pro 2018 21:53
od Simicek
Vše vypadá dobře. Mám ještě něco udělat?

Re: Prosím o kontrolku

Napsal: 21 pro 2018 22:04
od Diallix
Su s pocitacom neake problemy?

Re: Prosím o kontrolku

Napsal: 21 pro 2018 22:08
od Simicek
Vše okey, jen jsem chtěl kontrolku jestli není nějaké svinstvo v pc.

Děkuji za pomoc a Štastné a Veselé Vánoce. Děkuji

Re: Prosím o kontrolku

Napsal: 21 pro 2018 22:10
od Diallix
Nemate absolutne zac, Vam prajem tiez stastne a vesele Vianoce :]]