Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
sejk
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 01 úno 2014 12:23

Prosím o kontrolu logu

#1 Příspěvek od sejk »

Zkoukne mi to prosím někdo, ntb je pomalý?

Děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.01.2019 01
Ran by rodinka (administrator) on ASUS (10-01-2019 12:33:20)
Running from C:\Users\rodinka\Downloads
Loaded Profiles: rodinka (Available Profiles: rodinka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
() C:\Program Files\T-Mobile\InternetManager_A\IK40\BackgroundService\ServiceManager.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(ASUSTeK Computer Inc.) C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ECAREME) C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files\Alwil Software\Avast5\aswidsagent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(EasyBits Software AS) C:\ProgramData\GameXN\GameXNGO.exe
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
(© 2015 Microsoft Corporation) C:\Users\rodinka\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
() C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe
() C:\Program Files\T-Mobile\InternetManager_A\IK40\BackgroundService\ModemListener.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [UfSeAgnt.exe] => C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [1022904 2010-02-23] (Trend Micro Inc.)
HKLM\...\Run: [EeeStorageBackup] => C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe [947472 2009-08-25] (ECAREME)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [320000 2009-04-09] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [619392 2009-06-12] (ELAN Microelectronic Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [261512 2019-01-08] (AVAST Software)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-04] (CyberLink Corp.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2244096 2009-07-13] (VIA)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [8493624 2009-07-07] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [159744 2009-04-20] (ASUS)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Tmobile_Czech Estoril ModemListener] => C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe [159016 2014-12-11] ()
HKLM-x32\...\Run: [DT_Group KEY40 ModemListener] => C:\Program Files\T-Mobile\InternetManager_A\IK40\BackgroundService\ModemListener.exe [172840 2016-07-01] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [261512 2019-01-08] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [EPSON SX525WD Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE [224768 2010-01-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [] => [X]
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1083264 2012-01-10] (Nokia)
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [GameXN GO] => C:\ProgramData\GameXN\GameXNGO.exe [347008 2011-12-24] (EasyBits Software AS)
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2171520 2017-12-05] (Gemfor s.r.o.)
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [BingSvc] => C:\Users\rodinka\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd)
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: F - F:\iStudio.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: H - H:\iStudio.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {36704758-e5b1-11e8-9101-9d30524f5bb0} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {7457efc2-113d-11e3-b844-90e6ba926044} - G:\AutoRun.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {8ddd1ffa-f561-11e2-ac52-90e6ba926044} - G:\AutoRun.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {b5099c5e-5b74-11df-9e0a-90e6ba926044} - G:\iStudio.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {bbf2da3d-10a2-11e3-ba67-90e6ba926044} - G:\AutoRun.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {f88602c8-0391-11e9-8fd5-d8ae6fdf90a9} - G:\autorun.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {f8860321-0391-11e9-8fd5-97e3480b647c} - G:\autorun.exe
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-14] (Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{06FE45A8-6D92-44ba-A0F1-9A9BCDC8F5A7}] -> C:\Program Files (x86)\ASUS\SmartLogon\system\FaceCredentialProvider64.dll [2009-05-01] (ASUS)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk [2009-10-30]
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-12-15]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\tmchlang.lnk [2009-10-30]
ShortcutTarget: tmchlang.lnk -> C:\Program Files\Trend Micro\Internet Security\TmChLang.exe (Trend Micro Inc.)
Startup: C:\Users\rodinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2018-09-12]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1561311962-1441187426-1150558857-1000] => 172.24.12.1:3128
Tcpip\Parameters: [DhcpNameServer] 82.202.74.3 82.202.74.4 192.168.2.254
Tcpip\..\Interfaces\{905407FB-76B5-4ED9-9380-44A2BEECFA1E}: [DhcpNameServer] 82.202.74.3 82.202.74.4 192.168.2.254
Tcpip\..\Interfaces\{9F34E130-DCAE-4941-8DF3-24BC730FBC68}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CEA2FA5D-C5B9-48D6-BCC9-627620CF608E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E504117C-A811-4985-B8CD-5C4A9210655D}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{F1992B06-DB3E-4D43-8446-02B1BE795078}: [DhcpNameServer] 94.74.192.252 94.74.192.244

Internet Explorer:
==================
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [fe_9.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0
FF Extension: (No Name) - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012-03-08] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [te_9.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0
FF Extension: (No Name) - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012-03-08] [Legacy] [not signed]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2008-11-13] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP","hxx ... google.com"
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?q={searchTerms}&PC=U316&FORM=CHROMN
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultNewTabURL: Default -> hxxps://www.bing.com/chrome/newtab
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?query={searchT ... e}&PC=U316
CHR Profile: C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default [2019-01-09]
CHR Extension: (YouTube) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-16]
CHR Extension: (Bing) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmkckgpgekmanipelfidlhmkfcjicion [2018-03-22]
CHR Extension: (Vyhledávání Google) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-22]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-12-19]
CHR Extension: (Avast Online Security) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-12-19]
CHR Extension: (Skype) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-03-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-19]
CHR Extension: (Gmail) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-12]
CHR Extension: (Chrome Media Router) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-19]
CHR HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [7834368 2019-01-08] (AVAST Software)
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [357816 2019-01-08] (AVAST Software)
R2 DT_Group KEY40 Modem Device Helper; C:\Program Files\T-Mobile\InternetManager_A\IK40\BackgroundService\ServiceManager.exe [78120 2016-06-17] ()
R2 FastBootAgent; C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [306232 2009-07-24] (ASUSTeK Computer Inc.)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin Ltd. or its subsidiaries)
S2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [422608 2017-04-13] (Gemfor s.r.o.)
S2 OberonGameConsoleService; C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [44312 2009-09-15] ()
R2 SfCtlCom; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [859712 2010-10-09] (Trend Micro Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6634224 2018-02-02] (TeamViewer GmbH)
S3 TMBMServer; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [570632 2009-08-22] (Trend Micro Inc.)
R2 Tmobile_Czech Estoril Modem Device Helper; C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe [76584 2014-12-11] ()
S3 TmProxy; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [917768 2009-08-22] (Trend Micro Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37304 2019-01-08] (AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-08] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [220688 2019-01-08] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-08] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-08] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-08] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239808 2019-01-08] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-08] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166472 2019-01-08] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-08] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-08] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-08] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-08] (AVAST Software)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [32768 2010-10-08] (Huawei Tech. Co., Ltd.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [761592 2011-05-03] (Duplex Secure Ltd.)
R2 tmpreflt; C:\Windows\System32\DRIVERS\tmpreflt.sys [42768 2011-07-12] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [107536 2009-08-22] (Trend Micro Inc.)
R2 tmxpflt; C:\Windows\System32\DRIVERS\tmxpflt.sys [342288 2011-07-12] (Trend Micro Inc.)
R2 vsapint; C:\Windows\System32\DRIVERS\vsapint.sys [2077456 2011-07-12] (Trend Micro Inc.)
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
U3 tmlwf; no ImagePath
U3 tmwfp; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-10 12:33 - 2019-01-10 12:34 - 000025263 _____ C:\Users\rodinka\Downloads\FRST.txt
2019-01-10 12:31 - 2019-01-10 12:33 - 000000000 ____D C:\FRST
2019-01-10 12:30 - 2019-01-10 12:31 - 002425856 _____ (Farbar) C:\Users\rodinka\Downloads\FRST64.exe
2019-01-08 16:57 - 2019-01-08 16:56 - 000361352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-01-08 16:57 - 2019-01-08 16:56 - 000320888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-01-08 16:57 - 2019-01-08 16:56 - 000220688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-01-08 16:57 - 2019-01-08 16:56 - 000196264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-01-08 16:57 - 2019-01-08 16:56 - 000058160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-01-08 16:57 - 2019-01-08 16:56 - 000037304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-01-08 15:37 - 2019-01-08 16:16 - 000000000 ____D C:\Windows\SysWOW64\19010804_stream
2018-12-19 15:06 - 2018-12-19 15:06 - 000000000 ____D C:\Program Files\T-Mobile
2018-12-19 14:50 - 2018-12-19 15:06 - 000001964 _____ C:\Users\Public\Desktop\Internet Manager.lnk
2018-12-19 14:50 - 2018-12-19 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager
2018-12-19 14:50 - 2018-12-19 14:50 - 000000000 ____D C:\Program Files (x86)\Internet Manager
2018-12-19 14:50 - 2013-06-18 11:33 - 000123776 _____ (TCT International Mobile Ltd.) C:\Windows\system32\Drivers\jrdusbser.sys
2018-12-19 14:47 - 2016-07-05 11:11 - 000381568 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_wwanecm.sys
2018-12-19 14:47 - 2016-07-05 11:10 - 000126848 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_cdcacm.sys
2018-12-19 14:47 - 2015-01-15 13:04 - 000018688 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
2018-12-19 14:47 - 2014-09-11 11:06 - 000457728 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys
2018-12-19 14:47 - 2013-11-30 12:25 - 000226176 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
2018-12-19 14:47 - 2013-01-25 04:46 - 000109568 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
2018-12-19 14:47 - 2010-10-08 12:29 - 000032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2018-12-19 14:47 - 2010-09-26 13:39 - 000022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys
2018-12-19 14:44 - 2018-12-19 14:44 - 000001307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T-Mobile Internet Manager.lnk
2018-12-19 14:44 - 2018-12-19 14:44 - 000001210 _____ C:\Users\rodinka\Desktop\T-Mobile Internet Manager.lnk
2018-12-19 14:44 - 2018-12-19 14:44 - 000001210 _____ C:\Users\Default\Desktop\T-Mobile Internet Manager.lnk
2018-12-19 14:44 - 2018-12-19 14:44 - 000001210 _____ C:\Users\Default User\Desktop\T-Mobile Internet Manager.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-10 12:31 - 2009-07-14 05:45 - 000006784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-01-10 12:31 - 2009-07-14 05:45 - 000006784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-01-10 12:29 - 2011-11-27 19:52 - 000000000 ____D C:\ProgramData\GameXN
2019-01-10 11:21 - 2018-05-01 21:12 - 000000000 ____D C:\Users\rodinka\AppData\Local\AVAST Software
2019-01-10 11:19 - 2011-05-29 19:10 - 000000000 ____D C:\Users\rodinka\AppData\Roaming\go
2019-01-10 11:17 - 2009-10-30 18:44 - 000003004 _____ C:\Windows\System32\Tasks\ASUS Live Update
2019-01-10 11:16 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-01-10 00:35 - 2014-06-17 09:44 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-01-09 20:33 - 2015-07-14 20:23 - 000000000 ___SD C:\Users\rodinka\AppData\LocalLow\Temp
2019-01-09 20:30 - 2009-08-03 21:00 - 000669132 _____ C:\Windows\system32\perfh005.dat
2019-01-09 20:30 - 2009-08-03 21:00 - 000141760 _____ C:\Windows\system32\perfc005.dat
2019-01-09 20:30 - 2009-07-14 06:13 - 001584626 _____ C:\Windows\system32\PerfStringBackup.INI
2019-01-09 20:30 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-01-09 18:00 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2019-01-09 16:37 - 2009-10-30 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Park
2019-01-09 16:37 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-01-09 14:44 - 2014-12-15 18:58 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-01-09 14:44 - 2014-12-15 18:58 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-09 14:44 - 2014-12-15 18:58 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-01-09 14:44 - 2014-12-15 18:58 - 000000000 ____D C:\Windows\system32\Macromed
2019-01-09 14:44 - 2009-10-30 18:31 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-01-09 14:34 - 2011-05-03 08:46 - 000000000 ____D C:\Program Files (x86)\WinRAR
2019-01-08 17:48 - 2018-05-01 21:10 - 000000784 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-08 17:48 - 2018-03-28 18:44 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-01-08 17:48 - 2015-03-21 15:35 - 000000000 ____D C:\Program Files\CCleaner
2019-01-08 17:45 - 2011-05-03 08:47 - 000000000 ____D C:\Users\rodinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-01-08 17:45 - 2011-05-03 08:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-01-08 17:44 - 2018-05-01 21:13 - 000001312 _____ C:\Users\Public\Desktop\Skype.lnk
2019-01-08 17:44 - 2018-05-01 21:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-01-08 17:38 - 2009-07-14 06:08 - 000032584 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-01-08 16:58 - 2017-08-16 14:57 - 000003912 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-01-08 16:56 - 2018-10-22 15:53 - 000042488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-01-08 16:56 - 2017-12-26 17:40 - 000239808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-01-08 16:56 - 2017-12-26 17:40 - 000203488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-01-08 16:56 - 2014-05-01 17:25 - 000046584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2019-01-08 16:56 - 2014-01-02 08:24 - 000218056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-01-08 16:56 - 2013-03-16 14:28 - 000380144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-01-08 16:56 - 2013-03-16 14:28 - 000088144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-01-08 16:56 - 2012-02-26 14:42 - 000111992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-01-08 16:56 - 2011-06-19 18:20 - 001034056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-01-08 16:56 - 2009-12-14 09:11 - 000474648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-01-08 16:56 - 2009-12-14 09:11 - 000166472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-08 16:44 - 2009-12-12 10:24 - 000000000 __SHD C:\Users\rodinka\AppData\Roaming\.#
2019-01-07 19:27 - 2009-12-29 21:53 - 000000000 ____D C:\Windows\system32\Service
2019-01-07 09:09 - 2014-08-09 14:12 - 000045056 _____ C:\Windows\system32\acovcnt.exe
2018-12-19 17:58 - 2010-02-12 11:10 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-19 17:58 - 2010-02-12 11:10 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-19 17:47 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2018-12-19 17:42 - 2009-10-30 18:46 - 000002142 _____ C:\Windows\system32\AutoRunFilter.ini
2018-12-19 17:42 - 2009-10-30 18:46 - 000001931 _____ C:\Windows\system32\ServiceFilter.ini
2018-12-19 14:47 - 2013-08-30 07:51 - 000000000 ____D C:\Program Files (x86)\ZTE
2018-12-19 14:44 - 2013-08-30 07:50 - 000000000 ____D C:\Program Files (x86)\T-Mobile
2018-12-14 21:47 - 2012-07-12 18:42 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-14 21:47 - 2012-07-12 18:42 - 000002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2007-06-12 17:34 - 2007-06-12 17:34 - 000035822 _____ () C:\Program Files (x86)\Common Files\ASPG_icon.ico
2008-05-22 16:35 - 2008-05-22 16:35 - 000051962 _____ () C:\Program Files (x86)\Common Files\banner.jpg
2009-04-08 18:31 - 2009-04-08 18:31 - 000106496 _____ () C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 05:45 - 2008-08-12 05:45 - 000155648 _____ (ASUS) C:\Program Files (x86)\Common Files\MSIactionall.dll
2015-12-30 16:32 - 2016-01-02 18:20 - 000000268 _____ () C:\Users\rodinka\AppData\Roaming\_
2012-04-01 17:23 - 2012-04-01 17:23 - 000004096 ____H () C:\Users\rodinka\AppData\Local\keyfile3.drm
2014-07-09 09:49 - 2014-07-09 09:49 - 000020480 ____T () C:\Users\rodinka\AppData\Local\uninstall.tmp

Some files in TEMP:
====================
2019-01-09 14:38 - 2019-01-09 14:38 - 000001536 _____ () C:\Users\rodinka\AppData\Local\Temp\NOSEventMessages.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-01-09 17:52

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.01.2019 01
Ran by rodinka (10-01-2019 12:34:38)
Running from C:\Users\rodinka\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2009-12-08 17:10:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1561311962-1441187426-1150558857-500 - Administrator - Disabled)
Guest (S-1-5-21-1561311962-1441187426-1150558857-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1561311962-1441187426-1150558857-1002 - Limited - Enabled)
rodinka (S-1-5-21-1561311962-1441187426-1150558857-1000 - Administrator - Enabled) => C:\Users\rodinka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Trend Micro Internet Security (Disabled - Up to date) {68F968AC-2AA0-091D-848C-803E83E35902}
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Trend Micro Internet Security (Disabled - Up to date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.01.513.58212 - ABBYY) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}) (Version: 1.0 - Microsoft Corporation) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Actualizare Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0418-0000-0000000FF1CE}_PROHYBRIDR_{6195740F-0C89-4CDD-ACAD-67CCE1495348}) (Version: - Microsoft)
Actualizare Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0418-0000-0000000FF1CE}_PROHYBRIDR_{E78703E2-69D3-4204-B101-9D8B7B72585C}) (Version: - Microsoft)
Actualizare Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0418-0000-0000000FF1CE}_PROHYBRIDR_{1531AE8C-8271-4A8C-9ABA-86AE70B0DA82}) (Version: - Microsoft)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_PROHYBRIDR_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_PROHYBRIDR_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_PROHYBRIDR_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_PROHYBRIDR_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft)
Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_PROHYBRIDR_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft)
Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_PROHYBRIDR_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft)
Alcor Micro USB Card Reader (HKLM-x32\...\{5A22D889-FBDD-4AE8-86EC-089D45FC133E}) (Version: 1.2.17.25001 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}) (Version: 1.2.17.25001 - Alcor Micro Corp.)
ANT Drivers Installer x64 (HKLM\...\{7664AF65-7B0D-4171-9F0F-50455278B428}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.6 - ASUS)
ASUS AP Bank (HKLM-x32\...\ASUS AP Bank_is1) (Version: 1.0.0.0 - ASUSTEK)
ASUS CopyProtect (HKLM-x32\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS)
ASUS FancyStart (HKLM-x32\...\{60D6618B-153F-4353-8185-908E676E5888}) (Version: 1.0.5 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0019 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}) (Version: 1.1.19 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
Asus WebStorage (HKLM\...\Asus WebStorage) (Version: 2.0.31.477 - eCareme Technologies, Inc.)
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.16 - Atheros Communications Inc.)
ATK Generic Function Service (HKLM-x32\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0051 - ASUS)
ATK Media (HKLM-x32\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0005 - ASUS)
ATKOSD2 (HKLM-x32\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0005 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
Classic Menu 3.x for Office 2007 (HKLM-x32\...\{409ECFF1-9CC7-43A8-B28A-B7F0B7CB04D1}_is1) (Version: - Addintools)
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.3 - ASUS)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1720 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.2713 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dream Day Wedding Married in Manhattan (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115233673}) (Version: - Oberon Media)
Dropbox (HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Elevated Installer (HKLM-x32\...\{1052502B-4C91-43F9-B160-AE39ED57C9F0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Emilka Holubová - Montezumův poklad (HKLM-x32\...\Emilka Holubová - Montezumův poklad) (Version: - )
Epson Easy Photo Print 2 (HKLM-x32\...\{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}) (Version: 2.2.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON SX525WD Series Manuál (HKLM-x32\...\EPSON SX525WD Series Manual) (Version: - )
EPSON SX525WD Series Printer Uninstall (HKLM\...\EPSON SX525WD Series) (Version: - SEIKO EPSON Corporation)
EPSON SX525WD Series Síťová příručka (HKLM-x32\...\EPSON SX525WD Series Network Guide) (Version: - )
EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3a - SEIKO EPSON CORPORATION)
ETDWare PS/2-x64 7.0.5.5_WHQL (HKLM\...\Elantech) (Version: - )
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.3 - ASUS)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Game Park Console (HKLM-x32\...\{6C3496DF-CC4C-4CDE-87A1-8657619EE2D6}_is1) (Version: 5.2.1.4 - Oberon Media, Inc.)
GameXN GO (HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Game Organizer) (Version: - GameXN AS)
Garmin Express (HKLM-x32\...\{BCC7CA85-E57F-452D-BB44-15A1CE018BD0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{bd8bd200-9a60-4969-b267-6b565f36e3da}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{DA9C865D-6762-4931-8588-0B13B7A0796B}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Huawei Drivers (HKLM-x32\...\{C82D8932-EB28-4da6-9582-33D515D46F04}) (Version: 6.00.08.00 - )
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Internet Manager (HKLM-x32\...\DT_Group KEY40 Internet Manager_is1) (Version: 02.00.12 - Alcatel)
Internet Manager (HKLM-x32\...\Tmobile_Czech Estoril Internet Manager_is1) (Version: - T-mobile)
Island Wars 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110304260}) (Version: - Oberon Media)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 Help-frissítés (KB963678) (HKLM-x32\...\{90120000-0016-040E-0000-0000000FF1CE}_PROHYBRIDR_{76BD9044-91EB-46FC-8CA6-0AA239BB8A93}) (Version: - Microsoft)
Microsoft Office Live Add-in 1.3 (HKLM-x32\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Powerpoint 2007 Help-frissítés (KB963669) (HKLM-x32\...\{90120000-0018-040E-0000-0000000FF1CE}_PROHYBRIDR_{6863CE52-1321-482E-B930-B325EE09AEFF}) (Version: - Microsoft)
Microsoft Office Word 2007 Help-frissítés (KB963665) (HKLM-x32\...\{90120000-001B-040E-0000-0000000FF1CE}_PROHYBRIDR_{0E56E23A-EDB8-42C7-A285-7258C5944EB4}) (Version: - Microsoft)
Microsoft OneDrive (HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVC80_x64 (HKLM\...\{68660049-8D48-427C-9FF7-139D8340CDC0}) (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86 (HKLM-x32\...\{212748BB-0DA5-46DE-82A1-403736DC9F27}) (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{4AA68A73-DB9C-439D-9481-981C82BD008B}) (Version: 7.1.69.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}) (Version: 7.1.40.6 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.40.6 - Nokia)
Nokia Suite (HKLM-x32\...\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}) (Version: 3.3.86.0 - Nokia) Hidden
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.3.86.0 - Nokia)
PC Connectivity Solution (HKLM-x32\...\{A2AA4204-C05A-4013-888A-AD153139297F}) (Version: 11.5.29.0 - Nokia)
Photo Notifier and Animation Creator (HKLM-x32\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
Piggly (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116864777}) (Version: - Oberon Media)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) Hidden
Posodobitev za Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0424-0000-0000000FF1CE}_PROHYBRIDR_{FD705E62-13B4-4BF5-A4B2-A7599309751B}) (Version: - Microsoft)
Posodobitev za Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0424-0000-0000000FF1CE}_PROHYBRIDR_{045DC059-1CCC-47B9-BA35-713E269D33B8}) (Version: - Microsoft)
Posodobitev za Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0424-0000-0000000FF1CE}_PROHYBRIDR_{AD1C31E7-4856-4887-9307-1ABDE0F2DF7C}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
Smileyville (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110413757}) (Version: - Oberon Media)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.93450 - TeamViewer)
T-Mobile Internet Manager (HKLM-x32\...\T-Mobile Communication Centre) (Version: 2017-12-05@2017-04-13 - Gemfor s.r.o.)
Trend Micro Internet Security (HKLM\...\{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}) (Version: 17.50 - Trend Micro Inc.)
Trend Micro Internet Security (HKLM\...\{9D2B0322-44AE-460E-9283-4D2D7A9205AE}) (Version: 17.50 - Trend Micro Inc.) Hidden
UltraISO Premium V9.36 (HKLM-x32\...\UltraISO_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - )
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}) (Version: 14.0.8050.1202 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.26.0 - ASUS)
WinRAR 5.61 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.10 - ASUS)
ZTE Drivers (HKLM-x32\...\{ACC9984D-E78B-4fcd-BE44-4E3F186DDA33}) (Version: 1.2088.0.7 - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\rodinka\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\rodinka\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\rodinka\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\rodinka\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\rodinka\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rodinka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rodinka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rodinka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rodinka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-08] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-08] (AVAST Software)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ShellIconOverlayIdentifiers: [OverlayIconExtension1] -> {fe25455d-b4c2-4e32-97d2-92632ec1c224} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [OverlayIconExtension2] -> {1fae2d88-a78e-4f03-909f-be818a3c1ce6} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-08] (AVAST Software)
ContextMenuHandlers1: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (EZB Systems, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-08] (AVAST Software)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (EZB Systems, Inc.)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-08-25] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-08] (AVAST Software)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1561311962-1441187426-1150558857-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\rodinka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1561311962-1441187426-1150558857-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\rodinka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1561311962-1441187426-1150558857-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\rodinka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07946729-ED45-4079-80C1-1ADEA7897DFB} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {07946729-ED45-4079-80C1-1ADEA7897DFB} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {07946729-ED45-4079-80C1-1ADEA7897DFB} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {3C0EC33D-CBFC-45F3-90B0-A45FA8554A70} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {5382E3B8-7C25-4183-BFBE-A11F09BD67F1} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-03-28] ()
Task: {56550F2E-D0F2-44C8-A583-CAE07A4DFC19} - System32\Tasks\{7DE5D5B4-8633-4C34-BE0B-5FC133D56512} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.4.0.102/cs/a ... age=tsBing
Task: {5A4BD829-F7F4-476E-8EDE-B44256CC77E7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-12-10] (Piriform Ltd)
Task: {5D732649-BC8C-495E-A1AC-B82CC9199486} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {5D732649-BC8C-495E-A1AC-B82CC9199486} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {71630AF2-2E1F-4E14-864A-43D0872DB49E} - System32\Tasks\{FF57DB4C-48CE-46FC-A838-3B58AFD7FB33} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {73197AA9-9EBF-4FB5-B7B0-C138DC16A9F0} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {7BC3011A-B562-4641-92EA-B5DD8143E90F} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-05-18] (ASUS)
Task: {842D7842-98B4-4A73-9202-099EF373304C} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-07-23] ()
Task: {8AAAEA25-3081-498A-90BF-6EFD6316ACD1} - System32\Tasks\{F732C669-AE47-4ED4-BEEF-B6AEEC24AE96} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.7.85.103/cs/ ... age=tsBing
Task: {8F3BC5A2-EEEC-408F-92CE-F1D9EF85A33E} - System32\Tasks\Avast Emergency Update => C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe [2019-01-08] (AVAST Software)
Task: {8FDAF8D3-3A8B-4CDB-80AD-5E7260FADC68} - System32\Tasks\{A6AD7D02-39F7-43B6-8A99-F6D4E96CA720} => "c:\program files (x86)\internet explorer\iexplore.exe" hxxp://www.skype.com/go/downloading?sou ... tError=404
Task: {911F0B32-E347-45FE-AFA6-BAA4654B7A0E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {911F0B32-E347-45FE-AFA6-BAA4654B7A0E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {95003BE8-A177-43E1-835E-242EDD5F1BE3} - System32\Tasks\{3E0A8D8C-9BC9-49D9-A9FF-C42B35F98265} => C:\Windows\system32\pcalua.exe -a E:\Installer.exe -d E:\
Task: {95F02511-4B83-4D16-8314-99503B163D5A} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\Real\RealDownloader\downloader2.exe
Task: {9BA05DC4-4F31-4CB7-8DEF-41F43ADCB51A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A8BAC974-A635-4ED5-8262-069ABD9E91D6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2019-01-09] (AVAST Software)
Task: {B729D963-1A98-4C0C-B555-907230324A67} - System32\Tasks\{9BBCE89E-F745-42A6-B028-EE4F842A78E4} => C:\Program Files (x86)\Skype\Phone\Skype.exe
Task: {C58FEA7B-C177-4F83-8D46-DB511D6EFA73} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1561311962-1441187426-1150558857-1000
Task: {C76C900D-BB43-48E3-A1DB-95D2BF1BC8AD} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2009-07-24] ()
Task: {C8845FC6-A002-4E6E-8C33-1173487FBAD5} - System32\Tasks\ASPG => C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe [2009-06-29] (ASUS)
Task: {CBC1331A-FC6C-4A15-B92B-372C2E2FF9E3} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-07-29] (ATK)
Task: {D3F95ACF-B99F-4688-9412-3D0365C29E80} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {D3F95ACF-B99F-4688-9412-3D0365C29E80} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {EEF4DB7B-61C6-499A-8FA7-D145B9E74CD2} - System32\Tasks\{50327B28-23B6-4EF5-9C3C-A0EDA407D01C} => "c:\program files (x86)\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/6.20.0.104/cs/ ... age=tsBing
Task: {F1CD5DB2-BF70-4B10-AF97-A2F0F10D8D8F} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {F2491AFA-A274-4A1A-9CB8-195F01DA1941} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-12-10] (Piriform Software Ltd)
Task: {FB22D26D-059F-401E-9DA1-C8CDC8C6C7B8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2009-10-30 18:42 - 2007-08-08 08:08 - 000094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe
2019-01-08 16:56 - 2019-01-08 16:56 - 000667016 _____ () C:\Program Files\Alwil Software\Avast5\streamback.dll
2019-01-08 16:56 - 2019-01-08 16:56 - 000550792 _____ () C:\Program Files\Alwil Software\Avast5\gui_cache.dll
2019-01-08 16:56 - 2019-01-08 16:56 - 001175944 _____ () C:\Program Files\Alwil Software\Avast5\hns_tools.dll
2019-01-08 16:56 - 2019-01-08 16:56 - 001967496 _____ () C:\Program Files\Alwil Software\Avast5\shepherdsync.dll
2019-01-10 11:19 - 2019-01-10 11:19 - 006909072 _____ () C:\Program Files\Alwil Software\Avast5\defs\19011000\algo64.dll
2009-08-25 08:47 - 2009-08-25 08:47 - 000140560 _____ () C:\Program Files (x86)\ASUS\Asus WebStorage\EcaremeDLL.dll
2009-10-30 18:21 - 2009-10-30 18:21 - 000029968 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3524.15966__0d0f4b69e50e559b\SqliteShared.dll
2009-10-30 18:21 - 2009-10-30 18:21 - 000931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
2008-08-14 04:59 - 2008-08-14 04:59 - 000301624 _____ () C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
2018-12-19 15:06 - 2016-06-17 17:08 - 000078120 _____ () C:\Program Files\T-Mobile\InternetManager_A\IK40\BackgroundService\ServiceManager.exe
2009-07-23 01:58 - 2009-07-23 01:58 - 000017976 _____ () C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
2009-07-24 18:32 - 2009-07-24 18:32 - 001593344 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2009-05-05 18:00 - 2009-05-05 18:00 - 000041472 _____ () C:\Program Files\P4G\DevMng.dll
2009-07-27 18:12 - 2009-07-27 18:12 - 000026624 _____ () C:\Program Files\P4G\OvrClk.dll
2009-10-30 18:42 - 2007-03-10 02:58 - 000124416 _____ () C:\Program Files\ATKGFNEX\AGFNEX64.dll
2008-10-01 07:02 - 2008-10-01 07:08 - 000011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2009-08-25 08:47 - 2009-08-25 08:47 - 000095504 _____ () C:\Program Files (x86)\ASUS\Asus WebStorage\BSWorker.dll
2009-08-25 08:47 - 2009-08-25 08:47 - 000083216 _____ () C:\Program Files (x86)\ASUS\Asus WebStorage\BSBroker.dll
2009-10-30 18:44 - 2007-11-30 19:20 - 000051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2018-12-19 14:50 - 2014-12-11 11:24 - 000076584 _____ () C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
2019-01-08 16:56 - 2019-01-08 16:57 - 093695912 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
2009-10-30 18:42 - 2009-05-07 09:51 - 000071680 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2009-10-30 18:42 - 2009-05-07 09:53 - 000379392 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2009-10-30 18:42 - 2008-01-18 07:49 - 000098816 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2009-10-30 18:42 - 2009-07-06 07:37 - 047601664 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2018-12-19 14:50 - 2014-12-11 11:19 - 000159016 _____ () C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe
2018-12-19 15:06 - 2016-07-01 13:46 - 000172840 _____ () C:\Program Files\T-Mobile\InternetManager_A\IK40\BackgroundService\ModemListener.exe
2009-08-22 10:31 - 2009-08-22 10:31 - 000207656 _____ () C:\Program Files\Trend Micro\Internet Security\UfPack.dll
2009-08-22 14:18 - 2009-08-22 14:18 - 001106864 _____ () C:\Program Files\Trend Micro\Internet Security\sqlite3.dll
2018-09-19 09:12 - 2018-09-19 09:12 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2009-10-30 18:44 - 2009-06-22 21:37 - 000212992 _____ () C:\Windows\SysWOW64\Fast Boot\GetBootTime.dll
2008-08-28 00:32 - 2008-08-28 00:32 - 000619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2008-06-09 17:55 - 2008-06-09 17:55 - 000013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 008172928 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 002288512 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 000919936 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 000346496 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 000032640 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 000034688 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 000202624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 000196480 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 002252672 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 001294208 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 002557312 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
2012-01-10 18:38 - 2012-01-10 18:38 - 000095104 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll
2012-01-10 18:38 - 2012-01-10 18:38 - 000165248 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QxtWeb.dll
2012-01-10 18:38 - 2012-01-10 18:38 - 000384896 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QxtCore.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 010843520 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
2012-01-10 18:38 - 2012-01-10 18:38 - 000272768 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
2012-01-10 18:38 - 2012-01-10 18:38 - 000423808 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
2012-01-10 18:38 - 2012-01-10 18:38 - 000058240 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
2012-01-10 18:36 - 2012-01-10 18:36 - 000388480 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\OviShareLib.dll
2012-01-10 18:36 - 2012-01-10 18:36 - 001037696 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\Maps Service API.dll
2012-01-10 18:36 - 2012-01-10 18:36 - 000437632 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 000422272 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 000517504 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 000682880 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
2012-01-10 18:35 - 2012-01-10 18:35 - 000758656 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
2012-01-05 16:00 - 2012-01-05 16:00 - 000112640 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:15024E60 [284]
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54 [134]
AlternateDataStreams: C:\ProgramData\Temp:734E442A [135]
AlternateDataStreams: C:\ProgramData\Temp:A724744F [124]
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA [151]
AlternateDataStreams: C:\ProgramData\Temp:B88E99C8 [121]
AlternateDataStreams: C:\ProgramData\Temp:D282699C [198]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-01-04 19:29 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\rodinka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 82.202.74.3 - 82.202.74.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D263435D-EC53-4CD0-8403-EEF70D3CBA44}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
FirewallRules: [{011BC941-B6D4-440F-A0A0-075D0C282A6A}] => (Allow) svchost.exe (Microsoft Corporation)
FirewallRules: [{AE2378BB-A52E-45E9-B97C-80388D64A0B0}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation)
FirewallRules: [TCP Query User{81746517-3440-48B9-8DBE-B06FD5DFE60E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{49E3A9D4-8864-40CB-AA0F-8917FF898C88}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION)
FirewallRules: [{17609F11-3510-489C-B805-3305A8E628A9}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe (SEIKO EPSON CORPORATION)
FirewallRules: [{649F5548-9993-4940-BC53-BC53DC3A92FD}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe (SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{50BE9B1A-F206-42F3-BAD6-21C4505EB126}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{703928BE-5913-411F-BE92-B4EA1544AAB0}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION)
FirewallRules: [{CD3F438C-1B0E-4622-8D6E-F5CD395755FE}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
FirewallRules: [{884418A2-5A09-4E00-B64E-2E03FB62134B}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
FirewallRules: [{972E768E-A928-4DAA-A0DC-CDC78202E744}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
FirewallRules: [{07CFE3CD-31B6-466F-84DA-866F37927570}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
FirewallRules: [TCP Query User{8722E522-6F7E-4BC7-9F61-0EAF07C5484B}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation)
FirewallRules: [UDP Query User{E57D1A96-ACAB-4288-9CA1-5C1008DC4217}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation)
FirewallRules: [{7E002948-3586-4CCB-BDD7-F16A9EAF9A7F}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe (Nokia)
FirewallRules: [{DAC7F701-CD67-474F-A5EE-F991C8CF30A0}] => (Allow) C:\Users\rodinka\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
FirewallRules: [{69AEE8E8-C14F-4E84-B233-D1A428491D80}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
FirewallRules: [{2599C41F-8F8E-4831-AE3E-D56C0B4EBB12}] => (Allow) LPort=2869
FirewallRules: [{8B5CA635-9605-4754-877B-9D38F33E522C}] => (Allow) LPort=1900
FirewallRules: [{A71ACD0B-B249-4B2B-A261-001AAFA2A8AF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{1ED72EBB-2B77-42D7-ACD1-9B230B1C840F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{A108C508-51C9-4425-8B0C-9931635A98C2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{21373F48-D5DD-4DFF-9D6F-50AEB201EC03}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{253ECF4A-9A22-46BC-8858-CFD0D39FFF9F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{08B41DE7-6C67-47F9-BF38-F319CEE47CE5}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{91213628-A359-40E8-8653-867937F97350}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{5CA2403D-D33F-4F85-AAFC-B291346C24A5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{522E1E59-35FA-4D10-87A0-84A680632F03}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{6C90AA52-CB91-4B8D-8A7F-3B60DBBB182C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{52EAD73B-D150-4509-B4E3-9D59908E500D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)

==================== Restore Points =========================

09-01-2019 17:59:24 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/10/2019 11:27:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: esu.exe, verze: 1.0.0.0, časové razítko: 0x58dac8d5
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.23418, časové razítko: 0x5708a7e4
Kód výjimky: 0xe0434352
Posun chyby: 0x0000c54f
ID chybujícího procesu: 0x584
Čas spuštění chybující aplikace: 0x01d4a8cf167df494
Cesta k chybující aplikaci: C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll
ID zprávy: 5a7e1124-14c2-11e9-8c45-d5d6a7e1c3af

Error: (01/10/2019 11:27:36 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: esu.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61.MoveNext()
na System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[[Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61, ExpressSelfUpdater, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](<UpdateDatacenterOverridesAsync>d__61 ByRef)
na Garmin.Omt.Service.Shared.Overrides.UpdateDatacenterOverridesAsync(Boolean)
na Garmin.Omt.Service.Shared.Overrides..cctor()

Informace o výjimce: System.TypeInitializationException
na Garmin.Omt.Service.Shared.Overrides.get_OmtBaseUrl()
na Garmin.Omt.Express.SelfUpdater.Program.RealMain()
na Garmin.Omt.Express.SelfUpdater.Program.Main(System.String[])

Error: (01/09/2019 08:50:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (01/09/2019 08:50:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (01/09/2019 08:50:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (01/09/2019 08:50:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (01/09/2019 08:50:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (01/09/2019 08:48:17 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.


System errors:
=============
Error: (01/10/2019 12:28:26 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (01/10/2019 12:28:26 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (01/10/2019 11:21:36 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo časového limitu (30000 ms).

Error: (01/10/2019 11:21:03 AM) (Source: WMPNetworkSvc) (EventID: 14329) (User: )
Description: Služba 'WMPNetworkSvc' nebyla spuštěna správně, protože registr nebylo možné aktualizovat v důsledku chyby '0x80070006'. Pokud je to možné, přeinstalujte program Windows Media Player.

Error: (01/10/2019 11:18:17 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sptd

Error: (01/10/2019 11:18:17 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Mobile Broadband Extension Service byla ukončena s následující chybou:
%%-2147483576

Error: (01/10/2019 11:17:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Oberon Media Game Console service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/10/2019 11:17:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Oberon Media Game Console service bylo dosaženo časového limitu (30000 ms).


Windows Defender:
===================================
Date: 2013-01-19 14:51:26.684
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2012-11-11 18:53:47.062
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2012-04-10 19:11:52.033
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

CodeIntegrity:
===================================

Date: 2016-02-29 19:32:56.688
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\atmfd.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-02-29 19:32:56.469
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\atmfd.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-02-29 19:32:55.362
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\atmfd.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-02-29 19:32:55.143
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\atmfd.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T5870 @ 2.00GHz
Percentage of memory in use: 63%
Total physical RAM: 3037.09 MB
Available physical RAM: 1102.78 MB
Total Virtual: 6072.36 MB
Available Virtual: 3766.52 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:74.52 GB) (Free:6.36 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:208.92 GB) (Free:159.47 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: D9B3496E)
Partition 1: (Not Active) - (Size=14.6 GB) - (Type=1C)
Partition 2: (Active) - (Size=74.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=208.9 GB) - (Type=0F Extended)

==================== End of Addition.txt ============================

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu logu

#2 Příspěvek od Diallix »

Dobry den.

:arrow: Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, klikni na Zobrazit soubor protokolu.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

sejk
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 01 úno 2014 12:23

Re: Prosím o kontrolu logu

#3 Příspěvek od sejk »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-11-2019
# Duration: 00:00:13
# OS: Windows 7 Home Premium
# Cleaned: 21
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\ICQ\ICQToolbar
Deleted C:\ProgramData\ICQ\ICQNewTab
Deleted C:\Program Files (x86)\ICQ6Toolbar

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1561311962-1441187426-1150558857-1000\Software\ICQ\ICQToolbar
Deleted HKLM\Software\Wow6432Node\ICQ\ICQToolbar
Deleted HKCU\Software\ImInstaller
Deleted HKLM\Software\Wow6432Node\ImInstaller
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{E716F183-5AD7-11DC-9670-00508DC0D496}
Deleted HKLM\Software\Classes\TypeLib\{E716F183-5AD7-11DC-9670-00508DC0D496}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Deleted HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Deleted HKLM\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Deleted HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{21FA44EF-376D-4D53-9B0F-8A89D3229068}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|ICQ Search
Deleted HKCU\Software\SweetIM
Deleted HKLM\Software\Wow6432Node\SweetIM

***** [ Chromium (and derivatives) ] *****

Deleted Bing Search Engine

***** [ Chromium URLs ] *****

Deleted ICQ Search

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3019 octets] - [11/01/2019 19:08:50]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu logu

#4 Příspěvek od Diallix »

Preskenujte pocitac s FRST - navod tu: https://forum.viry.cz/viewtopic.php?f=24&t=132509, skopirujte FRST.log + Addition log sem.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

sejk
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 01 úno 2014 12:23

Re: Prosím o kontrolu logu

#5 Příspěvek od sejk »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.01.2019 01
Ran by rodinka (administrator) on ASUS (11-01-2019 23:27:42)
Running from C:\Users\rodinka\Desktop
Loaded Profiles: rodinka (Available Profiles: rodinka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
() C:\Program Files\T-Mobile\InternetManager_A\IK40\BackgroundService\ServiceManager.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(ASUSTeK Computer Inc.) C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
(ECAREME) C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\aswidsagent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(EasyBits Software AS) C:\ProgramData\GameXN\GameXNGO.exe
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
(© 2015 Microsoft Corporation) C:\Users\rodinka\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
() C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe
() C:\Program Files\T-Mobile\InternetManager_A\IK40\BackgroundService\ModemListener.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [UfSeAgnt.exe] => C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [1022904 2010-02-23] (Trend Micro Inc.)
HKLM\...\Run: [EeeStorageBackup] => C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe [947472 2009-08-25] (ECAREME)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [320000 2009-04-09] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [619392 2009-06-12] (ELAN Microelectronic Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [261512 2019-01-08] (AVAST Software)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-04] (CyberLink Corp.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2244096 2009-07-13] (VIA)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [8493624 2009-07-07] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [159744 2009-04-20] (ASUS)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Tmobile_Czech Estoril ModemListener] => C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe [159016 2014-12-11] ()
HKLM-x32\...\Run: [DT_Group KEY40 ModemListener] => C:\Program Files\T-Mobile\InternetManager_A\IK40\BackgroundService\ModemListener.exe [172840 2016-07-01] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [261512 2019-01-08] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [EPSON SX525WD Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE [224768 2010-01-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [] => [X]
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1083264 2012-01-10] (Nokia)
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [GameXN GO] => C:\ProgramData\GameXN\GameXNGO.exe [347008 2011-12-24] (EasyBits Software AS)
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2171520 2017-12-05] (Gemfor s.r.o.)
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [BingSvc] => C:\Users\rodinka\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd)
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: F - F:\iStudio.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: H - H:\iStudio.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {36704758-e5b1-11e8-9101-9d30524f5bb0} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {7457efc2-113d-11e3-b844-90e6ba926044} - G:\AutoRun.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {8ddd1ffa-f561-11e2-ac52-90e6ba926044} - G:\AutoRun.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {b5099c5e-5b74-11df-9e0a-90e6ba926044} - G:\iStudio.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {bbf2da3d-10a2-11e3-ba67-90e6ba926044} - G:\AutoRun.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {f88602c8-0391-11e9-8fd5-d8ae6fdf90a9} - G:\autorun.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {f8860321-0391-11e9-8fd5-97e3480b647c} - G:\autorun.exe
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-14] (Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{06FE45A8-6D92-44ba-A0F1-9A9BCDC8F5A7}] -> C:\Program Files (x86)\ASUS\SmartLogon\system\FaceCredentialProvider64.dll [2009-05-01] (ASUS)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk [2009-10-30]
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-12-15]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\tmchlang.lnk [2009-10-30]
ShortcutTarget: tmchlang.lnk -> C:\Program Files\Trend Micro\Internet Security\TmChLang.exe (Trend Micro Inc.)
Startup: C:\Users\rodinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2018-09-12]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1561311962-1441187426-1150558857-1000] => 172.24.12.1:3128
Tcpip\Parameters: [DhcpNameServer] 82.202.74.3 82.202.74.4 192.168.2.254
Tcpip\..\Interfaces\{905407FB-76B5-4ED9-9380-44A2BEECFA1E}: [DhcpNameServer] 82.202.74.3 82.202.74.4 192.168.2.254
Tcpip\..\Interfaces\{9F34E130-DCAE-4941-8DF3-24BC730FBC68}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CEA2FA5D-C5B9-48D6-BCC9-627620CF608E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E504117C-A811-4985-B8CD-5C4A9210655D}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{F1992B06-DB3E-4D43-8446-02B1BE795078}: [DhcpNameServer] 94.74.192.252 94.74.192.244

Internet Explorer:
==================
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [fe_9.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0
FF Extension: (No Name) - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012-03-08] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [te_9.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0
FF Extension: (No Name) - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012-03-08] [Legacy] [not signed]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2008-11-13] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP","hxx ... google.com"
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?q={searchTerms}&PC=U316&FORM=CHROMN
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultNewTabURL: Default -> hxxps://www.bing.com/chrome/newtab
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?query={searchT ... e}&PC=U316
CHR Profile: C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default [2019-01-11]
CHR Extension: (YouTube) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-16]
CHR Extension: (Bing Search Engine) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmkckgpgekmanipelfidlhmkfcjicion [2018-03-22]
CHR Extension: (Vyhledávání Google) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-22]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-12-19]
CHR Extension: (Avast Online Security) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-12-19]
CHR Extension: (Skype) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-03-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-19]
CHR Extension: (Gmail) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-12]
CHR Extension: (Chrome Media Router) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-19]
CHR HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [7834368 2019-01-08] (AVAST Software)
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [357816 2019-01-08] (AVAST Software)
R2 DT_Group KEY40 Modem Device Helper; C:\Program Files\T-Mobile\InternetManager_A\IK40\BackgroundService\ServiceManager.exe [78120 2016-06-17] ()
R2 FastBootAgent; C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [306232 2009-07-24] (ASUSTeK Computer Inc.)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin Ltd. or its subsidiaries)
S2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [422608 2017-04-13] (Gemfor s.r.o.)
S2 OberonGameConsoleService; C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [44312 2009-09-15] ()
R2 SfCtlCom; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [859712 2010-10-09] (Trend Micro Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6634224 2018-02-02] (TeamViewer GmbH)
S3 TMBMServer; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [570632 2009-08-22] (Trend Micro Inc.)
R2 Tmobile_Czech Estoril Modem Device Helper; C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe [76584 2014-12-11] ()
S3 TmProxy; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [917768 2009-08-22] (Trend Micro Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37304 2019-01-08] (AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-08] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [220688 2019-01-08] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-08] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-08] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-08] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239808 2019-01-08] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-08] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166472 2019-01-08] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-08] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-08] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-08] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-08] (AVAST Software)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [32768 2010-10-08] (Huawei Tech. Co., Ltd.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [761592 2011-05-03] (Duplex Secure Ltd.)
R2 tmpreflt; C:\Windows\System32\DRIVERS\tmpreflt.sys [42768 2011-07-12] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [107536 2009-08-22] (Trend Micro Inc.)
R2 tmxpflt; C:\Windows\System32\DRIVERS\tmxpflt.sys [342288 2011-07-12] (Trend Micro Inc.)
R2 vsapint; C:\Windows\System32\DRIVERS\vsapint.sys [2077456 2011-07-12] (Trend Micro Inc.)
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
U3 tmlwf; no ImagePath
U3 tmwfp; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-11 19:06 - 2019-01-11 19:09 - 000000000 ____D C:\AdwCleaner
2019-01-11 19:06 - 2019-01-11 19:04 - 007320272 _____ (Malwarebytes) C:\Users\rodinka\Desktop\adwcleaner_7.2.6.0.exe
2019-01-10 12:34 - 2019-01-10 12:35 - 000057531 _____ C:\Users\rodinka\Desktop\Addition.txt
2019-01-10 12:33 - 2019-01-11 23:28 - 000024981 _____ C:\Users\rodinka\Desktop\FRST.txt
2019-01-10 12:31 - 2019-01-11 23:27 - 000000000 ____D C:\FRST
2019-01-10 12:30 - 2019-01-10 12:31 - 002425856 _____ (Farbar) C:\Users\rodinka\Desktop\FRST64.exe
2019-01-08 16:57 - 2019-01-08 16:56 - 000361352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-01-08 16:57 - 2019-01-08 16:56 - 000320888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-01-08 16:57 - 2019-01-08 16:56 - 000220688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-01-08 16:57 - 2019-01-08 16:56 - 000196264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-01-08 16:57 - 2019-01-08 16:56 - 000058160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-01-08 16:57 - 2019-01-08 16:56 - 000037304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-01-08 15:37 - 2019-01-08 16:16 - 000000000 ____D C:\Windows\SysWOW64\19010804_stream
2018-12-19 15:06 - 2018-12-19 15:06 - 000000000 ____D C:\Program Files\T-Mobile
2018-12-19 14:50 - 2018-12-19 15:06 - 000001964 _____ C:\Users\Public\Desktop\Internet Manager.lnk
2018-12-19 14:50 - 2018-12-19 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager
2018-12-19 14:50 - 2018-12-19 14:50 - 000000000 ____D C:\Program Files (x86)\Internet Manager
2018-12-19 14:50 - 2013-06-18 11:33 - 000123776 _____ (TCT International Mobile Ltd.) C:\Windows\system32\Drivers\jrdusbser.sys
2018-12-19 14:47 - 2016-07-05 11:11 - 000381568 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_wwanecm.sys
2018-12-19 14:47 - 2016-07-05 11:10 - 000126848 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_cdcacm.sys
2018-12-19 14:47 - 2015-01-15 13:04 - 000018688 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
2018-12-19 14:47 - 2014-09-11 11:06 - 000457728 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys
2018-12-19 14:47 - 2013-11-30 12:25 - 000226176 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
2018-12-19 14:47 - 2013-01-25 04:46 - 000109568 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
2018-12-19 14:47 - 2010-10-08 12:29 - 000032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2018-12-19 14:47 - 2010-09-26 13:39 - 000022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys
2018-12-19 14:44 - 2018-12-19 14:44 - 000001307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T-Mobile Internet Manager.lnk
2018-12-19 14:44 - 2018-12-19 14:44 - 000001210 _____ C:\Users\rodinka\Desktop\T-Mobile Internet Manager.lnk
2018-12-19 14:44 - 2018-12-19 14:44 - 000001210 _____ C:\Users\Default\Desktop\T-Mobile Internet Manager.lnk
2018-12-19 14:44 - 2018-12-19 14:44 - 000001210 _____ C:\Users\Default User\Desktop\T-Mobile Internet Manager.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-11 23:28 - 2011-11-27 19:52 - 000000000 ____D C:\ProgramData\GameXN
2019-01-11 22:31 - 2009-07-14 05:45 - 000006784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-01-11 22:31 - 2009-07-14 05:45 - 000006784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-01-11 20:08 - 2014-06-17 09:44 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-01-11 19:27 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-01-11 19:15 - 2018-05-01 21:12 - 000000000 ____D C:\Users\rodinka\AppData\Local\AVAST Software
2019-01-11 19:12 - 2009-10-30 18:44 - 000003004 _____ C:\Windows\System32\Tasks\ASUS Live Update
2019-01-11 19:11 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-01-11 19:09 - 2010-01-04 19:26 - 000000000 ____D C:\ProgramData\ICQ
2019-01-11 18:58 - 2015-07-14 20:23 - 000000000 ___SD C:\Users\rodinka\AppData\LocalLow\Temp
2019-01-11 18:56 - 2011-05-29 19:10 - 000000000 ____D C:\Users\rodinka\AppData\Roaming\go
2019-01-09 20:30 - 2009-08-03 21:00 - 000669132 _____ C:\Windows\system32\perfh005.dat
2019-01-09 20:30 - 2009-08-03 21:00 - 000141760 _____ C:\Windows\system32\perfc005.dat
2019-01-09 20:30 - 2009-07-14 06:13 - 001584626 _____ C:\Windows\system32\PerfStringBackup.INI
2019-01-09 18:00 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2019-01-09 16:37 - 2009-10-30 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Park
2019-01-09 16:37 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-01-09 14:44 - 2014-12-15 18:58 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-01-09 14:44 - 2014-12-15 18:58 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-09 14:44 - 2014-12-15 18:58 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-01-09 14:44 - 2014-12-15 18:58 - 000000000 ____D C:\Windows\system32\Macromed
2019-01-09 14:44 - 2009-10-30 18:31 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-01-09 14:34 - 2011-05-03 08:46 - 000000000 ____D C:\Program Files (x86)\WinRAR
2019-01-08 17:48 - 2018-05-01 21:10 - 000000784 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-08 17:48 - 2018-03-28 18:44 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-01-08 17:48 - 2015-03-21 15:35 - 000000000 ____D C:\Program Files\CCleaner
2019-01-08 17:45 - 2011-05-03 08:47 - 000000000 ____D C:\Users\rodinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-01-08 17:45 - 2011-05-03 08:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-01-08 17:44 - 2018-05-01 21:13 - 000001312 _____ C:\Users\Public\Desktop\Skype.lnk
2019-01-08 17:44 - 2018-05-01 21:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-01-08 17:38 - 2009-07-14 06:08 - 000032584 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-01-08 16:58 - 2017-08-16 14:57 - 000003912 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-01-08 16:56 - 2018-10-22 15:53 - 000042488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-01-08 16:56 - 2017-12-26 17:40 - 000239808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-01-08 16:56 - 2017-12-26 17:40 - 000203488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-01-08 16:56 - 2014-05-01 17:25 - 000046584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2019-01-08 16:56 - 2014-01-02 08:24 - 000218056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-01-08 16:56 - 2013-03-16 14:28 - 000380144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-01-08 16:56 - 2013-03-16 14:28 - 000088144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-01-08 16:56 - 2012-02-26 14:42 - 000111992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-01-08 16:56 - 2011-06-19 18:20 - 001034056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-01-08 16:56 - 2009-12-14 09:11 - 000474648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-01-08 16:56 - 2009-12-14 09:11 - 000166472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-08 16:44 - 2009-12-12 10:24 - 000000000 __SHD C:\Users\rodinka\AppData\Roaming\.#
2019-01-07 19:27 - 2009-12-29 21:53 - 000000000 ____D C:\Windows\system32\Service
2019-01-07 09:09 - 2014-08-09 14:12 - 000045056 _____ C:\Windows\system32\acovcnt.exe
2018-12-19 17:58 - 2010-02-12 11:10 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-19 17:58 - 2010-02-12 11:10 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-19 17:47 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2018-12-19 17:42 - 2009-10-30 18:46 - 000002142 _____ C:\Windows\system32\AutoRunFilter.ini
2018-12-19 17:42 - 2009-10-30 18:46 - 000001931 _____ C:\Windows\system32\ServiceFilter.ini
2018-12-19 14:47 - 2013-08-30 07:51 - 000000000 ____D C:\Program Files (x86)\ZTE
2018-12-19 14:44 - 2013-08-30 07:50 - 000000000 ____D C:\Program Files (x86)\T-Mobile
2018-12-14 21:47 - 2012-07-12 18:42 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-14 21:47 - 2012-07-12 18:42 - 000002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2007-06-12 17:34 - 2007-06-12 17:34 - 000035822 _____ () C:\Program Files (x86)\Common Files\ASPG_icon.ico
2008-05-22 16:35 - 2008-05-22 16:35 - 000051962 _____ () C:\Program Files (x86)\Common Files\banner.jpg
2009-04-08 18:31 - 2009-04-08 18:31 - 000106496 _____ () C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 05:45 - 2008-08-12 05:45 - 000155648 _____ (ASUS) C:\Program Files (x86)\Common Files\MSIactionall.dll
2015-12-30 16:32 - 2016-01-02 18:20 - 000000268 _____ () C:\Users\rodinka\AppData\Roaming\_
2012-04-01 17:23 - 2012-04-01 17:23 - 000004096 ____H () C:\Users\rodinka\AppData\Local\keyfile3.drm
2014-07-09 09:49 - 2014-07-09 09:49 - 000020480 ____T () C:\Users\rodinka\AppData\Local\uninstall.tmp

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-01-09 17:52

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.01.2019 01
Ran by rodinka (11-01-2019 23:28:57)
Running from C:\Users\rodinka\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2009-12-08 17:10:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1561311962-1441187426-1150558857-500 - Administrator - Disabled)
Guest (S-1-5-21-1561311962-1441187426-1150558857-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1561311962-1441187426-1150558857-1002 - Limited - Enabled)
rodinka (S-1-5-21-1561311962-1441187426-1150558857-1000 - Administrator - Enabled) => C:\Users\rodinka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Trend Micro Internet Security (Disabled - Up to date) {68F968AC-2AA0-091D-848C-803E83E35902}
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Trend Micro Internet Security (Disabled - Up to date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.01.513.58212 - ABBYY) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}) (Version: 1.0 - Microsoft Corporation) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Actualizare Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0418-0000-0000000FF1CE}_PROHYBRIDR_{6195740F-0C89-4CDD-ACAD-67CCE1495348}) (Version: - Microsoft)
Actualizare Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0418-0000-0000000FF1CE}_PROHYBRIDR_{E78703E2-69D3-4204-B101-9D8B7B72585C}) (Version: - Microsoft)
Actualizare Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0418-0000-0000000FF1CE}_PROHYBRIDR_{1531AE8C-8271-4A8C-9ABA-86AE70B0DA82}) (Version: - Microsoft)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_PROHYBRIDR_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_PROHYBRIDR_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_PROHYBRIDR_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_PROHYBRIDR_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft)
Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_PROHYBRIDR_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft)
Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_PROHYBRIDR_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft)
Alcor Micro USB Card Reader (HKLM-x32\...\{5A22D889-FBDD-4AE8-86EC-089D45FC133E}) (Version: 1.2.17.25001 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}) (Version: 1.2.17.25001 - Alcor Micro Corp.)
ANT Drivers Installer x64 (HKLM\...\{7664AF65-7B0D-4171-9F0F-50455278B428}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.6 - ASUS)
ASUS AP Bank (HKLM-x32\...\ASUS AP Bank_is1) (Version: 1.0.0.0 - ASUSTEK)
ASUS CopyProtect (HKLM-x32\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS)
ASUS FancyStart (HKLM-x32\...\{60D6618B-153F-4353-8185-908E676E5888}) (Version: 1.0.5 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0019 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}) (Version: 1.1.19 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
Asus WebStorage (HKLM\...\Asus WebStorage) (Version: 2.0.31.477 - eCareme Technologies, Inc.)
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.16 - Atheros Communications Inc.)
ATK Generic Function Service (HKLM-x32\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0051 - ASUS)
ATK Media (HKLM-x32\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0005 - ASUS)
ATKOSD2 (HKLM-x32\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0005 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
Classic Menu 3.x for Office 2007 (HKLM-x32\...\{409ECFF1-9CC7-43A8-B28A-B7F0B7CB04D1}_is1) (Version: - Addintools)
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.3 - ASUS)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1720 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.2713 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dream Day Wedding Married in Manhattan (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115233673}) (Version: - Oberon Media)
Dropbox (HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Elevated Installer (HKLM-x32\...\{1052502B-4C91-43F9-B160-AE39ED57C9F0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Emilka Holubová - Montezumův poklad (HKLM-x32\...\Emilka Holubová - Montezumův poklad) (Version: - )
Epson Easy Photo Print 2 (HKLM-x32\...\{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}) (Version: 2.2.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON SX525WD Series Manuál (HKLM-x32\...\EPSON SX525WD Series Manual) (Version: - )
EPSON SX525WD Series Printer Uninstall (HKLM\...\EPSON SX525WD Series) (Version: - SEIKO EPSON Corporation)
EPSON SX525WD Series Síťová příručka (HKLM-x32\...\EPSON SX525WD Series Network Guide) (Version: - )
EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3a - SEIKO EPSON CORPORATION)
ETDWare PS/2-x64 7.0.5.5_WHQL (HKLM\...\Elantech) (Version: - )
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.3 - ASUS)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Game Park Console (HKLM-x32\...\{6C3496DF-CC4C-4CDE-87A1-8657619EE2D6}_is1) (Version: 5.2.1.4 - Oberon Media, Inc.)
GameXN GO (HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Game Organizer) (Version: - GameXN AS)
Garmin Express (HKLM-x32\...\{BCC7CA85-E57F-452D-BB44-15A1CE018BD0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{bd8bd200-9a60-4969-b267-6b565f36e3da}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{DA9C865D-6762-4931-8588-0B13B7A0796B}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Huawei Drivers (HKLM-x32\...\{C82D8932-EB28-4da6-9582-33D515D46F04}) (Version: 6.00.08.00 - )
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Internet Manager (HKLM-x32\...\DT_Group KEY40 Internet Manager_is1) (Version: 02.00.12 - Alcatel)
Internet Manager (HKLM-x32\...\Tmobile_Czech Estoril Internet Manager_is1) (Version: - T-mobile)
Island Wars 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110304260}) (Version: - Oberon Media)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 Help-frissítés (KB963678) (HKLM-x32\...\{90120000-0016-040E-0000-0000000FF1CE}_PROHYBRIDR_{76BD9044-91EB-46FC-8CA6-0AA239BB8A93}) (Version: - Microsoft)
Microsoft Office Live Add-in 1.3 (HKLM-x32\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Powerpoint 2007 Help-frissítés (KB963669) (HKLM-x32\...\{90120000-0018-040E-0000-0000000FF1CE}_PROHYBRIDR_{6863CE52-1321-482E-B930-B325EE09AEFF}) (Version: - Microsoft)
Microsoft Office Word 2007 Help-frissítés (KB963665) (HKLM-x32\...\{90120000-001B-040E-0000-0000000FF1CE}_PROHYBRIDR_{0E56E23A-EDB8-42C7-A285-7258C5944EB4}) (Version: - Microsoft)
Microsoft OneDrive (HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVC80_x64 (HKLM\...\{68660049-8D48-427C-9FF7-139D8340CDC0}) (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86 (HKLM-x32\...\{212748BB-0DA5-46DE-82A1-403736DC9F27}) (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{4AA68A73-DB9C-439D-9481-981C82BD008B}) (Version: 7.1.69.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}) (Version: 7.1.40.6 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.40.6 - Nokia)
Nokia Suite (HKLM-x32\...\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}) (Version: 3.3.86.0 - Nokia) Hidden
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.3.86.0 - Nokia)
PC Connectivity Solution (HKLM-x32\...\{A2AA4204-C05A-4013-888A-AD153139297F}) (Version: 11.5.29.0 - Nokia)
Photo Notifier and Animation Creator (HKLM-x32\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
Piggly (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116864777}) (Version: - Oberon Media)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) Hidden
Posodobitev za Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0424-0000-0000000FF1CE}_PROHYBRIDR_{FD705E62-13B4-4BF5-A4B2-A7599309751B}) (Version: - Microsoft)
Posodobitev za Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0424-0000-0000000FF1CE}_PROHYBRIDR_{045DC059-1CCC-47B9-BA35-713E269D33B8}) (Version: - Microsoft)
Posodobitev za Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0424-0000-0000000FF1CE}_PROHYBRIDR_{AD1C31E7-4856-4887-9307-1ABDE0F2DF7C}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
Smileyville (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110413757}) (Version: - Oberon Media)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.93450 - TeamViewer)
T-Mobile Internet Manager (HKLM-x32\...\T-Mobile Communication Centre) (Version: 2017-12-05@2017-04-13 - Gemfor s.r.o.)
Trend Micro Internet Security (HKLM\...\{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}) (Version: 17.50 - Trend Micro Inc.)
Trend Micro Internet Security (HKLM\...\{9D2B0322-44AE-460E-9283-4D2D7A9205AE}) (Version: 17.50 - Trend Micro Inc.) Hidden
UltraISO Premium V9.36 (HKLM-x32\...\UltraISO_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - )
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}) (Version: 14.0.8050.1202 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.26.0 - ASUS)
WinRAR 5.61 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.10 - ASUS)
ZTE Drivers (HKLM-x32\...\{ACC9984D-E78B-4fcd-BE44-4E3F186DDA33}) (Version: 1.2088.0.7 - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\rodinka\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\rodinka\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\rodinka\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\rodinka\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\rodinka\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rodinka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rodinka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rodinka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rodinka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-08] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-08] (AVAST Software)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ShellIconOverlayIdentifiers: [OverlayIconExtension1] -> {fe25455d-b4c2-4e32-97d2-92632ec1c224} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [OverlayIconExtension2] -> {1fae2d88-a78e-4f03-909f-be818a3c1ce6} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-08] (AVAST Software)
ContextMenuHandlers1: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (EZB Systems, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-08] (AVAST Software)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (EZB Systems, Inc.)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-08-25] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-08] (AVAST Software)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1561311962-1441187426-1150558857-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\rodinka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1561311962-1441187426-1150558857-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\rodinka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1561311962-1441187426-1150558857-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\rodinka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {3C0EC33D-CBFC-45F3-90B0-A45FA8554A70} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {5382E3B8-7C25-4183-BFBE-A11F09BD67F1} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-03-28] ()
Task: {56550F2E-D0F2-44C8-A583-CAE07A4DFC19} - System32\Tasks\{7DE5D5B4-8633-4C34-BE0B-5FC133D56512} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.4.0.102/cs/abandoninstall?page=tsBing
Task: {5A4BD829-F7F4-476E-8EDE-B44256CC77E7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-12-10] (Piriform Ltd)
Task: {5D732649-BC8C-495E-A1AC-B82CC9199486} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {5D732649-BC8C-495E-A1AC-B82CC9199486} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {71630AF2-2E1F-4E14-864A-43D0872DB49E} - System32\Tasks\{FF57DB4C-48CE-46FC-A838-3B58AFD7FB33} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {73197AA9-9EBF-4FB5-B7B0-C138DC16A9F0} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {7BC3011A-B562-4641-92EA-B5DD8143E90F} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-05-18] (ASUS)
Task: {842D7842-98B4-4A73-9202-099EF373304C} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-07-23] ()
Task: {85B94C89-D55F-470B-8741-89E15F5B0915} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {85B94C89-D55F-470B-8741-89E15F5B0915} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {8AAAEA25-3081-498A-90BF-6EFD6316ACD1} - System32\Tasks\{F732C669-AE47-4ED4-BEEF-B6AEEC24AE96} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.7.85.103/cs/abandoninstall?page=tsBing
Task: {8F3BC5A2-EEEC-408F-92CE-F1D9EF85A33E} - System32\Tasks\Avast Emergency Update => C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe [2019-01-08] (AVAST Software)
Task: {8FDAF8D3-3A8B-4CDB-80AD-5E7260FADC68} - System32\Tasks\{A6AD7D02-39F7-43B6-8A99-F6D4E96CA720} => "c:\program files (x86)\internet explorer\iexplore.exe" hxxp://www.skype.com/go/downloading?source=lig ... tError=404
Task: {95003BE8-A177-43E1-835E-242EDD5F1BE3} - System32\Tasks\{3E0A8D8C-9BC9-49D9-A9FF-C42B35F98265} => C:\Windows\system32\pcalua.exe -a E:\Installer.exe -d E:\
Task: {95F02511-4B83-4D16-8314-99503B163D5A} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\Real\RealDownloader\downloader2.exe
Task: {9BA05DC4-4F31-4CB7-8DEF-41F43ADCB51A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A8BAC974-A635-4ED5-8262-069ABD9E91D6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2019-01-11] (AVAST Software)
Task: {B729D963-1A98-4C0C-B555-907230324A67} - System32\Tasks\{9BBCE89E-F745-42A6-B028-EE4F842A78E4} => C:\Program Files (x86)\Skype\Phone\Skype.exe
Task: {C4A4330C-2C02-44C1-86B1-A7729C7A013E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {C4A4330C-2C02-44C1-86B1-A7729C7A013E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {C4A4330C-2C02-44C1-86B1-A7729C7A013E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {C58FEA7B-C177-4F83-8D46-DB511D6EFA73} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1561311962-1441187426-1150558857-1000
Task: {C76C900D-BB43-48E3-A1DB-95D2BF1BC8AD} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2009-07-24] ()
Task: {C8845FC6-A002-4E6E-8C33-1173487FBAD5} - System32\Tasks\ASPG => C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe [2009-06-29] (ASUS)
Task: {CBC1331A-FC6C-4A15-B92B-372C2E2FF9E3} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-07-29] (ATK)
Task: {D3F95ACF-B99F-4688-9412-3D0365C29E80} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {D3F95ACF-B99F-4688-9412-3D0365C29E80} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {EEF4DB7B-61C6-499A-8FA7-D145B9E74CD2} - System32\Tasks\{50327B28-23B6-4EF5-9C3C-A0EDA407D01C} => "c:\program files (x86)\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/6.20.0.104/cs/abandoninstall?page=tsBing
Task: {F1CD5DB2-BF70-4B10-AF97-A2F0F10D8D8F} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {F2491AFA-A274-4A1A-9CB8-195F01DA1941} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-12-10] (Piriform Software Ltd)
Task: {FB22D26D-059F-401E-9DA1-C8CDC8C6C7B8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2009-10-30 18:42 - 2007-08-08 08:08 - 000094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe
2019-01-08 16:56 - 2019-01-08 16:56 - 000667016 _____ () C:\Program Files\Alwil Software\Avast5\streamback.dll
2019-01-08 16:56 - 2019-01-08 16:56 - 000550792 _____ () C:\Program Files\Alwil Software\Avast5\gui_cache.dll
2019-01-08 16:56 - 2019-01-08 16:56 - 001175944 _____ () C:\Program Files\Alwil Software\Avast5\hns_tools.dll
2019-01-08 16:56 - 2019-01-08 16:56 - 001967496 _____ () C:\Program Files\Alwil Software\Avast5\shepherdsync.dll
2019-01-11 23:13 - 2019-01-11 23:13 - 006915216 _____ () C:\Program Files\Alwil Software\Avast5\defs\19011104\algo64.dll
2009-08-25 08:47 - 2009-08-25 08:47 - 000140560 _____ () C:\Program Files (x86)\ASUS\Asus WebStorage\EcaremeDLL.dll
2009-10-30 18:21 - 2009-10-30 18:21 - 000029968 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3524.15966__0d0f4b69e50e559b\SqliteShared.dll
2009-10-30 18:21 - 2009-10-30 18:21 - 000931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
2008-08-14 04:59 - 2008-08-14 04:59 - 000301624 _____ () C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
2009-07-23 01:58 - 2009-07-23 01:58 - 000017976 _____ () C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
2009-07-24 18:32 - 2009-07-24 18:32 - 001593344 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2008-10-01 07:02 - 2008-10-01 07:08 - 000011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2009-05-05 18:00 - 2009-05-05 18:00 - 000041472 _____ () C:\Program Files\P4G\DevMng.dll
2009-07-27 18:12 - 2009-07-27 18:12 - 000026624 _____ () C:\Program Files\P4G\OvrClk.dll
2009-10-30 18:42 - 2007-03-10 02:58 - 000124416 _____ () C:\Program Files\ATKGFNEX\AGFNEX64.dll
2018-12-19 15:06 - 2016-06-17 17:08 - 000078120 _____ () C:\Program Files\T-Mobile\InternetManager_A\IK40\BackgroundService\ServiceManager.exe
2009-08-25 08:47 - 2009-08-25 08:47 - 000095504 _____ () C:\Program Files (x86)\ASUS\Asus WebStorage\BSWorker.dll
2009-08-25 08:47 - 2009-08-25 08:47 - 000083216 _____ () C:\Program Files (x86)\ASUS\Asus WebStorage\BSBroker.dll
2009-10-30 18:44 - 2007-11-30 19:20 - 000051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2018-12-19 14:50 - 2014-12-11 11:24 - 000076584 _____ () C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
2019-01-08 16:56 - 2019-01-08 16:57 - 093695912 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
2009-10-30 18:42 - 2009-05-07 09:51 - 000071680 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2009-10-30 18:42 - 2009-05-07 09:53 - 000379392 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2009-10-30 18:42 - 2008-01-18 07:49 - 000098816 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2009-10-30 18:42 - 2009-07-06 07:37 - 047601664 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2018-12-19 14:50 - 2014-12-11 11:19 - 000159016 _____ () C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe
2018-12-19 15:06 - 2016-07-01 13:46 - 000172840 _____ () C:\Program Files\T-Mobile\InternetManager_A\IK40\BackgroundService\ModemListener.exe
2009-08-22 10:31 - 2009-08-22 10:31 - 000207656 _____ () C:\Program Files\Trend Micro\Internet Security\UfPack.dll
2009-08-22 14:18 - 2009-08-22 14:18 - 001106864 _____ () C:\Program Files\Trend Micro\Internet Security\sqlite3.dll
2018-09-19 09:12 - 2018-09-19 09:12 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2009-10-30 18:44 - 2009-06-22 21:37 - 000212992 _____ () C:\Windows\SysWOW64\Fast Boot\GetBootTime.dll
2008-08-28 00:32 - 2008-08-28 00:32 - 000619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2008-06-09 17:55 - 2008-06-09 17:55 - 000013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 008172928 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 002288512 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 000919936 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 000346496 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 000032640 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 000034688 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 000202624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 000196480 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 002252672 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 001294208 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 002557312 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
2012-01-10 18:38 - 2012-01-10 18:38 - 000095104 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll
2012-01-10 18:38 - 2012-01-10 18:38 - 000165248 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QxtWeb.dll
2012-01-10 18:38 - 2012-01-10 18:38 - 000384896 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QxtCore.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 010843520 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
2012-01-10 18:38 - 2012-01-10 18:38 - 000272768 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
2012-01-10 18:38 - 2012-01-10 18:38 - 000423808 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
2012-01-10 18:38 - 2012-01-10 18:38 - 000058240 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
2012-01-10 18:36 - 2012-01-10 18:36 - 000388480 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\OviShareLib.dll
2012-01-10 18:36 - 2012-01-10 18:36 - 001037696 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\Maps Service API.dll
2012-01-10 18:36 - 2012-01-10 18:36 - 000437632 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 000422272 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 000517504 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
2012-01-10 18:37 - 2012-01-10 18:37 - 000682880 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
2012-01-10 18:35 - 2012-01-10 18:35 - 000758656 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
2012-01-05 16:00 - 2012-01-05 16:00 - 000112640 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:15024E60 [284]
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54 [134]
AlternateDataStreams: C:\ProgramData\Temp:734E442A [135]
AlternateDataStreams: C:\ProgramData\Temp:A724744F [124]
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA [151]
AlternateDataStreams: C:\ProgramData\Temp:B88E99C8 [121]
AlternateDataStreams: C:\ProgramData\Temp:D282699C [198]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-01-04 19:29 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\rodinka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 82.202.74.3 - 82.202.74.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D263435D-EC53-4CD0-8403-EEF70D3CBA44}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
FirewallRules: [{011BC941-B6D4-440F-A0A0-075D0C282A6A}] => (Allow) svchost.exe (Microsoft Corporation)
FirewallRules: [{AE2378BB-A52E-45E9-B97C-80388D64A0B0}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation)
FirewallRules: [TCP Query User{81746517-3440-48B9-8DBE-B06FD5DFE60E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{49E3A9D4-8864-40CB-AA0F-8917FF898C88}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION)
FirewallRules: [{17609F11-3510-489C-B805-3305A8E628A9}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe (SEIKO EPSON CORPORATION)
FirewallRules: [{649F5548-9993-4940-BC53-BC53DC3A92FD}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe (SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{50BE9B1A-F206-42F3-BAD6-21C4505EB126}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{703928BE-5913-411F-BE92-B4EA1544AAB0}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION)
FirewallRules: [{CD3F438C-1B0E-4622-8D6E-F5CD395755FE}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
FirewallRules: [{884418A2-5A09-4E00-B64E-2E03FB62134B}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
FirewallRules: [{972E768E-A928-4DAA-A0DC-CDC78202E744}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
FirewallRules: [{07CFE3CD-31B6-466F-84DA-866F37927570}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
FirewallRules: [TCP Query User{8722E522-6F7E-4BC7-9F61-0EAF07C5484B}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation)
FirewallRules: [UDP Query User{E57D1A96-ACAB-4288-9CA1-5C1008DC4217}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation)
FirewallRules: [{7E002948-3586-4CCB-BDD7-F16A9EAF9A7F}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe (Nokia)
FirewallRules: [{DAC7F701-CD67-474F-A5EE-F991C8CF30A0}] => (Allow) C:\Users\rodinka\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
FirewallRules: [{69AEE8E8-C14F-4E84-B233-D1A428491D80}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
FirewallRules: [{2599C41F-8F8E-4831-AE3E-D56C0B4EBB12}] => (Allow) LPort=2869
FirewallRules: [{8B5CA635-9605-4754-877B-9D38F33E522C}] => (Allow) LPort=1900
FirewallRules: [{A71ACD0B-B249-4B2B-A261-001AAFA2A8AF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{1ED72EBB-2B77-42D7-ACD1-9B230B1C840F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{A108C508-51C9-4425-8B0C-9931635A98C2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{21373F48-D5DD-4DFF-9D6F-50AEB201EC03}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{253ECF4A-9A22-46BC-8858-CFD0D39FFF9F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{08B41DE7-6C67-47F9-BF38-F319CEE47CE5}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{91213628-A359-40E8-8653-867937F97350}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{5CA2403D-D33F-4F85-AAFC-B291346C24A5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{522E1E59-35FA-4D10-87A0-84A680632F03}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{6C90AA52-CB91-4B8D-8A7F-3B60DBBB182C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{52EAD73B-D150-4509-B4E3-9D59908E500D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)

==================== Restore Points =========================

09-01-2019 17:59:24 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/11/2019 07:04:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: esu.exe, verze: 1.0.0.0, časové razítko: 0x58dac8d5
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.23418, časové razítko: 0x5708a7e4
Kód výjimky: 0xe0434352
Posun chyby: 0x0000c54f
ID chybujícího procesu: 0x1abc
Čas spuštění chybující aplikace: 0x01d4a9d80040d540
Cesta k chybující aplikaci: C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll
ID zprávy: 4ac5488e-15cb-11e9-b9b0-bf45a4c212af

Error: (01/11/2019 07:04:07 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: esu.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61.MoveNext()
na System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[[Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61, ExpressSelfUpdater, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](<UpdateDatacenterOverridesAsync>d__61 ByRef)
na Garmin.Omt.Service.Shared.Overrides.UpdateDatacenterOverridesAsync(Boolean)
na Garmin.Omt.Service.Shared.Overrides..cctor()

Informace o výjimce: System.TypeInitializationException
na Garmin.Omt.Service.Shared.Overrides.get_OmtBaseUrl()
na Garmin.Omt.Express.SelfUpdater.Program.RealMain()
na Garmin.Omt.Express.SelfUpdater.Program.Main(System.String[])

Error: (01/11/2019 06:58:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (01/11/2019 06:58:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (01/10/2019 12:38:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (01/10/2019 12:38:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (01/10/2019 12:38:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (01/10/2019 12:38:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.


System errors:
=============
Error: (01/11/2019 07:16:02 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo časového limitu (30000 ms).

Error: (01/11/2019 07:15:32 PM) (Source: WMPNetworkSvc) (EventID: 14329) (User: )
Description: Služba 'WMPNetworkSvc' nebyla spuštěna správně, protože registr nebylo možné aktualizovat v důsledku chyby '0x80070006'. Pokud je to možné, přeinstalujte program Windows Media Player.

Error: (01/11/2019 07:13:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sptd

Error: (01/11/2019 07:13:03 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Mobile Broadband Extension Service byla ukončena s následující chybou:
%%-2147483576

Error: (01/11/2019 07:12:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Oberon Media Game Console service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/11/2019 07:12:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Oberon Media Game Console service bylo dosaženo časového limitu (30000 ms).

Error: (01/11/2019 07:12:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Garmin Device Interaction Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/11/2019 07:12:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Garmin Device Interaction Service bylo dosaženo časového limitu (30000 ms).


Windows Defender:
===================================
Date: 2013-01-19 14:51:26.684
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2012-11-11 18:53:47.062
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2012-04-10 19:11:52.033
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

CodeIntegrity:
===================================

Date: 2016-02-29 19:32:56.688
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\atmfd.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-02-29 19:32:56.469
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\atmfd.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-02-29 19:32:55.362
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\atmfd.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-02-29 19:32:55.143
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\atmfd.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T5870 @ 2.00GHz
Percentage of memory in use: 49%
Total physical RAM: 3037.09 MB
Available physical RAM: 1534.87 MB
Total Virtual: 6072.36 MB
Available Virtual: 3994.11 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:74.52 GB) (Free:6.09 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:208.92 GB) (Free:159.47 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: D9B3496E)
Partition 1: (Not Active) - (Size=14.6 GB) - (Type=1C)
Partition 2: (Active) - (Size=74.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=208.9 GB) - (Type=0F Extended)

==================== End of Addition.txt ============================

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu logu

#6 Příspěvek od Diallix »

Odinstalujte Google Toolbar.

Na virustotal.com otestujte subor a vysledok testu dajte sem:
C:\Windows\System32\DRIVERS\snp2uvc.sys

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

CloseProcesses:

(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Program Files\McAfee Security Scan
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-12-15]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
HKLM\...\Run: [EeeStorageBackup] => C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe [947472 2009-08-25] (ECAREME)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-04] (CyberLink Corp.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [] => [X]
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1083264 2012-01-10] (Nokia)
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [BingSvc] => C:\Users\rodinka\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: F - F:\iStudio.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: H - H:\iStudio.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {36704758-e5b1-11e8-9101-9d30524f5bb0} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {7457efc2-113d-11e3-b844-90e6ba926044} - G:\AutoRun.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {8ddd1ffa-f561-11e2-ac52-90e6ba926044} - G:\AutoRun.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {b5099c5e-5b74-11df-9e0a-90e6ba926044} - G:\iStudio.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {bbf2da3d-10a2-11e3-ba67-90e6ba926044} - G:\AutoRun.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {f88602c8-0391-11e9-8fd5-d8ae6fdf90a9} - G:\autorun.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {f8860321-0391-11e9-8fd5-97e3480b647c} - G:\autorun.exe
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-14] (Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{06FE45A8-6D92-44ba-A0F1-9A9BCDC8F5A7}] -> C:\Program Files (x86)\ASUS\SmartLogon\system\FaceCredentialProvider64.dll [2009-05-01] (ASUS)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-14] (Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{06FE45A8-6D92-44ba-A0F1-9A9BCDC8F5A7}] -> C:\Program Files (x86)\ASUS\SmartLogon\system\FaceCredentialProvider64.dll [2009-05-01] (ASUS)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultNewTabURL: Default -> hxxps://www.bing.com/chrome/newtab
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?query={searchTerms}&language={language}&PC=U316
CHR Extension: (Bing Search Engine) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmkckgpgekmanipelfidlhmkfcjicion [2018-03-22]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
U3 tmlwf; no ImagePath
U3 tmwfp; no ImagePath
2019-01-11 22:31 - 2009-07-14 05:45 - 000006784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-01-11 22:31 - 2009-07-14 05:45 - 000006784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
Task: {71630AF2-2E1F-4E14-864A-43D0872DB49E} - System32\Tasks\{FF57DB4C-48CE-46FC-A838-3B58AFD7FB33} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {8AAAEA25-3081-498A-90BF-6EFD6316ACD1} - System32\Tasks\{F732C669-AE47-4ED4-BEEF-B6AEEC24AE96} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.7.85.103/cs/ ... age=tsBing
Task: {8FDAF8D3-3A8B-4CDB-80AD-5E7260FADC68} - System32\Tasks\{A6AD7D02-39F7-43B6-8A99-F6D4E96CA720} => "c:\program files (x86)\internet explorer\iexplore.exe" hxxp://www.skype.com/go/downloading?sou ... tError=404
Task: {95003BE8-A177-43E1-835E-242EDD5F1BE3} - System32\Tasks\{3E0A8D8C-9BC9-49D9-A9FF-C42B35F98265} => C:\Windows\system32\pcalua.exe -a E:\Installer.exe -d E:
Task: {9BA05DC4-4F31-4CB7-8DEF-41F43ADCB51A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {FB22D26D-059F-401E-9DA1-C8CDC8C6C7B8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
AlternateDataStreams: C:\ProgramData\Temp:15024E60 [284]
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54 [134]
AlternateDataStreams: C:\ProgramData\Temp:734E442A [135]
AlternateDataStreams: C:\ProgramData\Temp:A724744F [124]
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA [151]
AlternateDataStreams: C:\ProgramData\Temp:B88E99C8 [121]
AlternateDataStreams: C:\ProgramData\Temp:D282699C [198]

Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.

Pre
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

sejk
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 01 úno 2014 12:23

Re: Prosím o kontrolu logu

#7 Příspěvek od sejk »

Google toolbar odinstalován,

akorát nevím jak zkontrolovat ten soubor na virustotal.com, soubor mi to nenajde jde tam otevřít jen obrázky a html nebo url

fixlog zde:

Fix result of Farbar Recovery Scan Tool (x64) Version: 09.01.2019 01
Ran by rodinka (12-01-2019 12:05:41) Run:1
Running from C:\Users\rodinka\Desktop
Loaded Profiles: rodinka (Available Profiles: rodinka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:

(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Program Files\McAfee Security Scan
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-12-15]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
HKLM\...\Run: [EeeStorageBackup] => C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe [947472 2009-08-25] (ECAREME)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-04] (CyberLink Corp.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [] => [X]
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1083264 2012-01-10] (Nokia)
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [BingSvc] => C:\Users\rodinka\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (� 2015 Microsoft Corporation)
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: F - F:\iStudio.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: H - H:\iStudio.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {36704758-e5b1-11e8-9101-9d30524f5bb0} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {7457efc2-113d-11e3-b844-90e6ba926044} - G:\AutoRun.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {8ddd1ffa-f561-11e2-ac52-90e6ba926044} - G:\AutoRun.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {b5099c5e-5b74-11df-9e0a-90e6ba926044} - G:\iStudio.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {bbf2da3d-10a2-11e3-ba67-90e6ba926044} - G:\AutoRun.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {f88602c8-0391-11e9-8fd5-d8ae6fdf90a9} - G:\autorun.exe
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\MountPoints2: {f8860321-0391-11e9-8fd5-97e3480b647c} - G:\autorun.exe
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-14] (Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{06FE45A8-6D92-44ba-A0F1-9A9BCDC8F5A7}] -> C:\Program Files (x86)\ASUS\SmartLogon\system\FaceCredentialProvider64.dll [2009-05-01] (ASUS)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-14] (Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{06FE45A8-6D92-44ba-A0F1-9A9BCDC8F5A7}] -> C:\Program Files (x86)\ASUS\SmartLogon\system\FaceCredentialProvider64.dll [2009-05-01] (ASUS)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultNewTabURL: Default -> hxxps://www.bing.com/chrome/newtab
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?query={searchT ... e}&PC=U316
CHR Extension: (Bing Search Engine) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmkckgpgekmanipelfidlhmkfcjicion [2018-03-22]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
U3 tmlwf; no ImagePath
U3 tmwfp; no ImagePath
2019-01-11 22:31 - 2009-07-14 05:45 - 000006784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-01-11 22:31 - 2009-07-14 05:45 - 000006784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
Task: {71630AF2-2E1F-4E14-864A-43D0872DB49E} - System32\Tasks\{FF57DB4C-48CE-46FC-A838-3B58AFD7FB33} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {8AAAEA25-3081-498A-90BF-6EFD6316ACD1} - System32\Tasks\{F732C669-AE47-4ED4-BEEF-B6AEEC24AE96} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.7.85.103/cs/ ... age=tsBing
Task: {8FDAF8D3-3A8B-4CDB-80AD-5E7260FADC68} - System32\Tasks\{A6AD7D02-39F7-43B6-8A99-F6D4E96CA720} => "c:\program files (x86)\internet explorer\iexplore.exe" hxxp://www.skype.com/go/downloading?sou ... tError=404
Task: {95003BE8-A177-43E1-835E-242EDD5F1BE3} - System32\Tasks\{3E0A8D8C-9BC9-49D9-A9FF-C42B35F98265} => C:\Windows\system32\pcalua.exe -a E:\Installer.exe -d E:
Task: {9BA05DC4-4F31-4CB7-8DEF-41F43ADCB51A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {FB22D26D-059F-401E-9DA1-C8CDC8C6C7B8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
AlternateDataStreams: C:\ProgramData\Temp:15024E60 [284]
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54 [134]
AlternateDataStreams: C:\ProgramData\Temp:734E442A [135]
AlternateDataStreams: C:\ProgramData\Temp:A724744F [124]
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA [151]
AlternateDataStreams: C:\ProgramData\Temp:B88E99C8 [121]
AlternateDataStreams: C:\ProgramData\Temp:D282699C [198]

*****************

Processes closed successfully.
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe => No running process found
C:\Program Files\McAfee Security Scan => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk => moved successfully
"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe" => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\EeeStorageBackup" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdateLBPShortCut" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GoShortCut" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\EEventManager" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\Software\Microsoft\Windows\CurrentVersion\Run\\NokiaSuite.exe" => removed successfully
"HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc" => removed successfully
"HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GarminExpressTrayApp" => removed successfully
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F => removed successfully
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H => removed successfully
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{36704758-e5b1-11e8-9101-9d30524f5bb0} => removed successfully
HKLM\Software\Classes\CLSID\{36704758-e5b1-11e8-9101-9d30524f5bb0} => not found
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7457efc2-113d-11e3-b844-90e6ba926044} => removed successfully
HKLM\Software\Classes\CLSID\{7457efc2-113d-11e3-b844-90e6ba926044} => not found
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ddd1ffa-f561-11e2-ac52-90e6ba926044} => removed successfully
HKLM\Software\Classes\CLSID\{8ddd1ffa-f561-11e2-ac52-90e6ba926044} => not found
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5099c5e-5b74-11df-9e0a-90e6ba926044} => removed successfully
HKLM\Software\Classes\CLSID\{b5099c5e-5b74-11df-9e0a-90e6ba926044} => not found
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bbf2da3d-10a2-11e3-ba67-90e6ba926044} => removed successfully
HKLM\Software\Classes\CLSID\{bbf2da3d-10a2-11e3-ba67-90e6ba926044} => not found
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f88602c8-0391-11e9-8fd5-d8ae6fdf90a9} => removed successfully
HKLM\Software\Classes\CLSID\{f88602c8-0391-11e9-8fd5-d8ae6fdf90a9} => not found
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f8860321-0391-11e9-8fd5-97e3480b647c} => removed successfully
HKLM\Software\Classes\CLSID\{f8860321-0391-11e9-8fd5-97e3480b647c} => not found
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\GarminExpressTrayApp" => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{06FE45A8-6D92-44ba-A0F1-9A9BCDC8F5A7} => removed successfully
HKLM\Software\Classes\CLSID\{06FE45A8-6D92-44ba-A0F1-9A9BCDC8F5A7} => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{06FE45A8-6D92-44ba-A0F1-9A9BCDC8F5A7} => not found
HKLM\Software\Classes\CLSID\{06FE45A8-6D92-44ba-A0F1-9A9BCDC8F5A7} => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => removed successfully
HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => removed successfully
HKLM\Software\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => not found
HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => not found
HKLM\Software\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => not found
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
"Chrome DefaultNewTabURL" => removed successfully
"Chrome DefaultSuggestURL" => removed successfully
CHR Extension: (Bing Search Engine) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmkckgpgekmanipelfidlhmkfcjicion [2018-03-22] => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\huawei_enumerator => removed successfully
huawei_enumerator => service removed successfully
HKLM\System\CurrentControlSet\Services\tmlwf => removed successfully
tmlwf => service removed successfully
HKLM\System\CurrentControlSet\Services\tmwfp => removed successfully
tmwfp => service removed successfully
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 => moved successfully
"C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay => removed successfully
HKLM\Software\Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71630AF2-2E1F-4E14-864A-43D0872DB49E} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71630AF2-2E1F-4E14-864A-43D0872DB49E} => removed successfully
C:\Windows\System32\Tasks\{FF57DB4C-48CE-46FC-A838-3B58AFD7FB33} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FF57DB4C-48CE-46FC-A838-3B58AFD7FB33} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8AAAEA25-3081-498A-90BF-6EFD6316ACD1} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8AAAEA25-3081-498A-90BF-6EFD6316ACD1} => removed successfully
C:\Windows\System32\Tasks\{F732C669-AE47-4ED4-BEEF-B6AEEC24AE96} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F732C669-AE47-4ED4-BEEF-B6AEEC24AE96} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8FDAF8D3-3A8B-4CDB-80AD-5E7260FADC68} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8FDAF8D3-3A8B-4CDB-80AD-5E7260FADC68} => removed successfully
C:\Windows\System32\Tasks\{A6AD7D02-39F7-43B6-8A99-F6D4E96CA720} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A6AD7D02-39F7-43B6-8A99-F6D4E96CA720} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95003BE8-A177-43E1-835E-242EDD5F1BE3} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95003BE8-A177-43E1-835E-242EDD5F1BE3} => removed successfully
C:\Windows\System32\Tasks\{3E0A8D8C-9BC9-49D9-A9FF-C42B35F98265} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3E0A8D8C-9BC9-49D9-A9FF-C42B35F98265} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9BA05DC4-4F31-4CB7-8DEF-41F43ADCB51A} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BA05DC4-4F31-4CB7-8DEF-41F43ADCB51A} => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FB22D26D-059F-401E-9DA1-C8CDC8C6C7B8} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB22D26D-059F-401E-9DA1-C8CDC8C6C7B8} => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => removed successfully
C:\ProgramData\Temp => ":15024E60" ADS removed successfully
C:\ProgramData\Temp => ":4CF61E54" ADS removed successfully
C:\ProgramData\Temp => ":734E442A" ADS removed successfully
C:\ProgramData\Temp => ":A724744F" ADS removed successfully
C:\ProgramData\Temp => ":AB689DEA" ADS removed successfully
C:\ProgramData\Temp => ":B88E99C8" ADS removed successfully
C:\ProgramData\Temp => ":D282699C" ADS removed successfully


The system needed a reboot.

==== End of Fixlog 12:06:24 ====

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu logu

#8 Příspěvek od Diallix »

Tak uploadnite subor na haveetarnu - viz. moj podpis.

poprosim o nove logy z frst + addition.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

sejk
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 01 úno 2014 12:23

Re: Prosím o kontrolu logu

#9 Příspěvek od sejk »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.01.2019 01
Ran by rodinka (administrator) on ASUS (12-01-2019 12:32:53)
Running from C:\Users\rodinka\Desktop
Loaded Profiles: rodinka (Available Profiles: rodinka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
() C:\Program Files\T-Mobile\InternetManager_A\IK40\BackgroundService\ServiceManager.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(ASUSTeK Computer Inc.) C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\aswidsagent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(EasyBits Software AS) C:\ProgramData\GameXN\GameXNGO.exe
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
() C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe
() C:\Program Files\T-Mobile\InternetManager_A\IK40\BackgroundService\ModemListener.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [UfSeAgnt.exe] => C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [1022904 2010-02-23] (Trend Micro Inc.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [320000 2009-04-09] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [619392 2009-06-12] (ELAN Microelectronic Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [261512 2019-01-08] (AVAST Software)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2244096 2009-07-13] (VIA)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [8493624 2009-07-07] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [159744 2009-04-20] (ASUS)
HKLM-x32\...\Run: [Tmobile_Czech Estoril ModemListener] => C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe [159016 2014-12-11] ()
HKLM-x32\...\Run: [DT_Group KEY40 ModemListener] => C:\Program Files\T-Mobile\InternetManager_A\IK40\BackgroundService\ModemListener.exe [172840 2016-07-01] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [261512 2019-01-08] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [EPSON SX525WD Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE [224768 2010-01-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [GameXN GO] => C:\ProgramData\GameXN\GameXNGO.exe [347008 2011-12-24] (EasyBits Software AS)
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2171520 2017-12-05] (Gemfor s.r.o.)
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk [2009-10-30]
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\tmchlang.lnk [2009-10-30]
ShortcutTarget: tmchlang.lnk -> C:\Program Files\Trend Micro\Internet Security\TmChLang.exe (Trend Micro Inc.)
Startup: C:\Users\rodinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2018-09-12]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1561311962-1441187426-1150558857-1000] => 172.24.12.1:3128
Tcpip\Parameters: [DhcpNameServer] 82.202.74.3 82.202.74.4 192.168.2.254
Tcpip\..\Interfaces\{905407FB-76B5-4ED9-9380-44A2BEECFA1E}: [DhcpNameServer] 82.202.74.3 82.202.74.4 192.168.2.254
Tcpip\..\Interfaces\{9F34E130-DCAE-4941-8DF3-24BC730FBC68}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CEA2FA5D-C5B9-48D6-BCC9-627620CF608E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E504117C-A811-4985-B8CD-5C4A9210655D}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{F1992B06-DB3E-4D43-8446-02B1BE795078}: [DhcpNameServer] 94.74.192.252 94.74.192.244

Internet Explorer:
==================
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [fe_9.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0
FF Extension: (No Name) - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012-03-08] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [te_9.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0
FF Extension: (No Name) - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012-03-08] [Legacy] [not signed]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2008-11-13] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP","hxx ... google.com"
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?q={searchTerms}&PC=U316&FORM=CHROMN
CHR Profile: C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default [2019-01-12]
CHR Extension: (YouTube) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-16]
CHR Extension: (Bing Search Engine) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmkckgpgekmanipelfidlhmkfcjicion [2018-03-22]
CHR Extension: (Vyhledávání Google) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-22]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-12-19]
CHR Extension: (Avast Online Security) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-12-19]
CHR Extension: (Skype) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-03-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-19]
CHR Extension: (Gmail) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-12]
CHR Extension: (Chrome Media Router) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-19]
CHR HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [7834368 2019-01-08] (AVAST Software)
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [357816 2019-01-08] (AVAST Software)
R2 DT_Group KEY40 Modem Device Helper; C:\Program Files\T-Mobile\InternetManager_A\IK40\BackgroundService\ServiceManager.exe [78120 2016-06-17] ()
R2 FastBootAgent; C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [306232 2009-07-24] (ASUSTeK Computer Inc.)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin Ltd. or its subsidiaries)
S2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [422608 2017-04-13] (Gemfor s.r.o.)
S2 OberonGameConsoleService; C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [44312 2009-09-15] ()
R2 SfCtlCom; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [859712 2010-10-09] (Trend Micro Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6634224 2018-02-02] (TeamViewer GmbH)
S3 TMBMServer; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [570632 2009-08-22] (Trend Micro Inc.)
R2 Tmobile_Czech Estoril Modem Device Helper; C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe [76584 2014-12-11] ()
S3 TmProxy; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [917768 2009-08-22] (Trend Micro Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37304 2019-01-08] (AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-08] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [220688 2019-01-08] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-08] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-08] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-08] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239808 2019-01-08] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-08] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166472 2019-01-08] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-08] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-08] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-08] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-08] (AVAST Software)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [32768 2010-10-08] (Huawei Tech. Co., Ltd.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [761592 2011-05-03] (Duplex Secure Ltd.)
R2 tmpreflt; C:\Windows\System32\DRIVERS\tmpreflt.sys [42768 2011-07-12] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [107536 2009-08-22] (Trend Micro Inc.)
R2 tmxpflt; C:\Windows\System32\DRIVERS\tmxpflt.sys [342288 2011-07-12] (Trend Micro Inc.)
R2 vsapint; C:\Windows\System32\DRIVERS\vsapint.sys [2077456 2011-07-12] (Trend Micro Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-12 12:09 - 2019-01-12 12:17 - 000006784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-01-12 12:05 - 2019-01-12 12:06 - 000017139 _____ C:\Users\rodinka\Desktop\Fixlog.txt
2019-01-11 19:06 - 2019-01-11 19:09 - 000000000 ____D C:\AdwCleaner
2019-01-11 19:06 - 2019-01-11 19:04 - 007320272 _____ (Malwarebytes) C:\Users\rodinka\Desktop\adwcleaner_7.2.6.0.exe
2019-01-10 12:34 - 2019-01-11 23:29 - 000057714 _____ C:\Users\rodinka\Desktop\Addition.txt
2019-01-10 12:33 - 2019-01-12 12:33 - 000019743 _____ C:\Users\rodinka\Desktop\FRST.txt
2019-01-10 12:31 - 2019-01-12 12:32 - 000000000 ____D C:\FRST
2019-01-10 12:30 - 2019-01-10 12:31 - 002425856 _____ (Farbar) C:\Users\rodinka\Desktop\FRST64.exe
2019-01-08 16:57 - 2019-01-08 16:56 - 000361352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-01-08 16:57 - 2019-01-08 16:56 - 000320888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-01-08 16:57 - 2019-01-08 16:56 - 000220688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-01-08 16:57 - 2019-01-08 16:56 - 000196264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-01-08 16:57 - 2019-01-08 16:56 - 000058160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-01-08 16:57 - 2019-01-08 16:56 - 000037304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-01-08 15:37 - 2019-01-08 16:16 - 000000000 ____D C:\Windows\SysWOW64\19010804_stream
2018-12-19 15:06 - 2018-12-19 15:06 - 000000000 ____D C:\Program Files\T-Mobile
2018-12-19 14:50 - 2018-12-19 15:06 - 000001964 _____ C:\Users\Public\Desktop\Internet Manager.lnk
2018-12-19 14:50 - 2018-12-19 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager
2018-12-19 14:50 - 2018-12-19 14:50 - 000000000 ____D C:\Program Files (x86)\Internet Manager
2018-12-19 14:50 - 2013-06-18 11:33 - 000123776 _____ (TCT International Mobile Ltd.) C:\Windows\system32\Drivers\jrdusbser.sys
2018-12-19 14:47 - 2016-07-05 11:11 - 000381568 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_wwanecm.sys
2018-12-19 14:47 - 2016-07-05 11:10 - 000126848 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_cdcacm.sys
2018-12-19 14:47 - 2015-01-15 13:04 - 000018688 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
2018-12-19 14:47 - 2014-09-11 11:06 - 000457728 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys
2018-12-19 14:47 - 2013-11-30 12:25 - 000226176 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
2018-12-19 14:47 - 2013-01-25 04:46 - 000109568 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
2018-12-19 14:47 - 2010-10-08 12:29 - 000032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2018-12-19 14:47 - 2010-09-26 13:39 - 000022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys
2018-12-19 14:44 - 2018-12-19 14:44 - 000001307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T-Mobile Internet Manager.lnk
2018-12-19 14:44 - 2018-12-19 14:44 - 000001210 _____ C:\Users\rodinka\Desktop\T-Mobile Internet Manager.lnk
2018-12-19 14:44 - 2018-12-19 14:44 - 000001210 _____ C:\Users\Default\Desktop\T-Mobile Internet Manager.lnk
2018-12-19 14:44 - 2018-12-19 14:44 - 000001210 _____ C:\Users\Default User\Desktop\T-Mobile Internet Manager.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-12 12:31 - 2015-07-14 20:23 - 000000000 ___SD C:\Users\rodinka\AppData\LocalLow\Temp
2019-01-12 12:29 - 2011-11-27 19:52 - 000000000 ____D C:\ProgramData\GameXN
2019-01-12 12:28 - 2014-06-17 09:44 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-01-12 12:17 - 2009-07-14 05:45 - 000006784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-01-12 12:15 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-01-12 12:11 - 2018-05-01 21:12 - 000000000 ____D C:\Users\rodinka\AppData\Local\AVAST Software
2019-01-12 12:09 - 2009-10-30 18:44 - 000003004 _____ C:\Windows\System32\Tasks\ASUS Live Update
2019-01-12 12:08 - 2014-08-09 14:12 - 000045056 _____ C:\Windows\system32\acovcnt.exe
2019-01-12 12:07 - 2010-02-12 11:10 - 000000000 ____D C:\Program Files (x86)\Google
2019-01-12 12:07 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-01-12 11:15 - 2010-02-12 11:09 - 000000000 ____D C:\Users\rodinka\AppData\Local\Google
2019-01-12 10:57 - 2011-05-29 19:10 - 000000000 ____D C:\Users\rodinka\AppData\Roaming\go
2019-01-11 19:09 - 2010-01-04 19:26 - 000000000 ____D C:\ProgramData\ICQ
2019-01-09 20:30 - 2009-08-03 21:00 - 000669132 _____ C:\Windows\system32\perfh005.dat
2019-01-09 20:30 - 2009-08-03 21:00 - 000141760 _____ C:\Windows\system32\perfc005.dat
2019-01-09 20:30 - 2009-07-14 06:13 - 001584626 _____ C:\Windows\system32\PerfStringBackup.INI
2019-01-09 18:00 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2019-01-09 16:37 - 2009-10-30 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Park
2019-01-09 16:37 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-01-09 14:44 - 2014-12-15 18:58 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-01-09 14:44 - 2014-12-15 18:58 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-09 14:44 - 2014-12-15 18:58 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-01-09 14:44 - 2014-12-15 18:58 - 000000000 ____D C:\Windows\system32\Macromed
2019-01-09 14:44 - 2009-10-30 18:31 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-01-09 14:34 - 2011-05-03 08:46 - 000000000 ____D C:\Program Files (x86)\WinRAR
2019-01-08 17:48 - 2018-05-01 21:10 - 000000784 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-08 17:48 - 2018-03-28 18:44 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-01-08 17:48 - 2015-03-21 15:35 - 000000000 ____D C:\Program Files\CCleaner
2019-01-08 17:45 - 2011-05-03 08:47 - 000000000 ____D C:\Users\rodinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-01-08 17:45 - 2011-05-03 08:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-01-08 17:44 - 2018-05-01 21:13 - 000001312 _____ C:\Users\Public\Desktop\Skype.lnk
2019-01-08 17:44 - 2018-05-01 21:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-01-08 17:38 - 2009-07-14 06:08 - 000032584 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-01-08 16:58 - 2017-08-16 14:57 - 000003912 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-01-08 16:56 - 2018-10-22 15:53 - 000042488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-01-08 16:56 - 2017-12-26 17:40 - 000239808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-01-08 16:56 - 2017-12-26 17:40 - 000203488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-01-08 16:56 - 2014-05-01 17:25 - 000046584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2019-01-08 16:56 - 2014-01-02 08:24 - 000218056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-01-08 16:56 - 2013-03-16 14:28 - 000380144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-01-08 16:56 - 2013-03-16 14:28 - 000088144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-01-08 16:56 - 2012-02-26 14:42 - 000111992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-01-08 16:56 - 2011-06-19 18:20 - 001034056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-01-08 16:56 - 2009-12-14 09:11 - 000474648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-01-08 16:56 - 2009-12-14 09:11 - 000166472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-08 16:44 - 2009-12-12 10:24 - 000000000 __SHD C:\Users\rodinka\AppData\Roaming\.#
2019-01-07 19:27 - 2009-12-29 21:53 - 000000000 ____D C:\Windows\system32\Service
2018-12-19 17:47 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2018-12-19 17:42 - 2009-10-30 18:46 - 000002142 _____ C:\Windows\system32\AutoRunFilter.ini
2018-12-19 17:42 - 2009-10-30 18:46 - 000001931 _____ C:\Windows\system32\ServiceFilter.ini
2018-12-19 14:47 - 2013-08-30 07:51 - 000000000 ____D C:\Program Files (x86)\ZTE
2018-12-19 14:44 - 2013-08-30 07:50 - 000000000 ____D C:\Program Files (x86)\T-Mobile
2018-12-14 21:47 - 2012-07-12 18:42 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-14 21:47 - 2012-07-12 18:42 - 000002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2007-06-12 17:34 - 2007-06-12 17:34 - 000035822 _____ () C:\Program Files (x86)\Common Files\ASPG_icon.ico
2008-05-22 16:35 - 2008-05-22 16:35 - 000051962 _____ () C:\Program Files (x86)\Common Files\banner.jpg
2009-04-08 18:31 - 2009-04-08 18:31 - 000106496 _____ () C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 05:45 - 2008-08-12 05:45 - 000155648 _____ (ASUS) C:\Program Files (x86)\Common Files\MSIactionall.dll
2015-12-30 16:32 - 2016-01-02 18:20 - 000000268 _____ () C:\Users\rodinka\AppData\Roaming\_
2012-04-01 17:23 - 2012-04-01 17:23 - 000004096 ____H () C:\Users\rodinka\AppData\Local\keyfile3.drm
2014-07-09 09:49 - 2014-07-09 09:49 - 000020480 ____T () C:\Users\rodinka\AppData\Local\uninstall.tmp

Some files in TEMP:
====================
2019-01-12 10:58 - 2019-01-12 10:58 - 000001536 _____ () C:\Users\rodinka\AppData\Local\Temp\NOSEventMessages.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-01-09 17:52

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.01.2019 01
Ran by rodinka (12-01-2019 12:34:15)
Running from C:\Users\rodinka\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2009-12-08 17:10:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1561311962-1441187426-1150558857-500 - Administrator - Disabled)
Guest (S-1-5-21-1561311962-1441187426-1150558857-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1561311962-1441187426-1150558857-1002 - Limited - Enabled)
rodinka (S-1-5-21-1561311962-1441187426-1150558857-1000 - Administrator - Enabled) => C:\Users\rodinka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Trend Micro Internet Security (Disabled - Up to date) {68F968AC-2AA0-091D-848C-803E83E35902}
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Trend Micro Internet Security (Disabled - Up to date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.01.513.58212 - ABBYY) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}) (Version: 1.0 - Microsoft Corporation) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Actualizare Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0418-0000-0000000FF1CE}_PROHYBRIDR_{6195740F-0C89-4CDD-ACAD-67CCE1495348}) (Version: - Microsoft)
Actualizare Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0418-0000-0000000FF1CE}_PROHYBRIDR_{E78703E2-69D3-4204-B101-9D8B7B72585C}) (Version: - Microsoft)
Actualizare Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0418-0000-0000000FF1CE}_PROHYBRIDR_{1531AE8C-8271-4A8C-9ABA-86AE70B0DA82}) (Version: - Microsoft)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_PROHYBRIDR_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_PROHYBRIDR_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_PROHYBRIDR_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_PROHYBRIDR_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft)
Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_PROHYBRIDR_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft)
Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_PROHYBRIDR_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft)
Alcor Micro USB Card Reader (HKLM-x32\...\{5A22D889-FBDD-4AE8-86EC-089D45FC133E}) (Version: 1.2.17.25001 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}) (Version: 1.2.17.25001 - Alcor Micro Corp.)
ANT Drivers Installer x64 (HKLM\...\{7664AF65-7B0D-4171-9F0F-50455278B428}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.6 - ASUS)
ASUS AP Bank (HKLM-x32\...\ASUS AP Bank_is1) (Version: 1.0.0.0 - ASUSTEK)
ASUS CopyProtect (HKLM-x32\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS)
ASUS FancyStart (HKLM-x32\...\{60D6618B-153F-4353-8185-908E676E5888}) (Version: 1.0.5 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0019 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}) (Version: 1.1.19 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
Asus WebStorage (HKLM\...\Asus WebStorage) (Version: 2.0.31.477 - eCareme Technologies, Inc.)
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.16 - Atheros Communications Inc.)
ATK Generic Function Service (HKLM-x32\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0051 - ASUS)
ATK Media (HKLM-x32\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0005 - ASUS)
ATKOSD2 (HKLM-x32\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0005 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
Classic Menu 3.x for Office 2007 (HKLM-x32\...\{409ECFF1-9CC7-43A8-B28A-B7F0B7CB04D1}_is1) (Version: - Addintools)
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.3 - ASUS)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1720 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.2713 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dream Day Wedding Married in Manhattan (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115233673}) (Version: - Oberon Media)
Dropbox (HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Elevated Installer (HKLM-x32\...\{1052502B-4C91-43F9-B160-AE39ED57C9F0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Emilka Holubová - Montezumův poklad (HKLM-x32\...\Emilka Holubová - Montezumův poklad) (Version: - )
Epson Easy Photo Print 2 (HKLM-x32\...\{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}) (Version: 2.2.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON SX525WD Series Manuál (HKLM-x32\...\EPSON SX525WD Series Manual) (Version: - )
EPSON SX525WD Series Printer Uninstall (HKLM\...\EPSON SX525WD Series) (Version: - SEIKO EPSON Corporation)
EPSON SX525WD Series Síťová příručka (HKLM-x32\...\EPSON SX525WD Series Network Guide) (Version: - )
EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3a - SEIKO EPSON CORPORATION)
ETDWare PS/2-x64 7.0.5.5_WHQL (HKLM\...\Elantech) (Version: - )
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.3 - ASUS)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Game Park Console (HKLM-x32\...\{6C3496DF-CC4C-4CDE-87A1-8657619EE2D6}_is1) (Version: 5.2.1.4 - Oberon Media, Inc.)
GameXN GO (HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\Game Organizer) (Version: - GameXN AS)
Garmin Express (HKLM-x32\...\{BCC7CA85-E57F-452D-BB44-15A1CE018BD0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{bd8bd200-9a60-4969-b267-6b565f36e3da}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{DA9C865D-6762-4931-8588-0B13B7A0796B}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Huawei Drivers (HKLM-x32\...\{C82D8932-EB28-4da6-9582-33D515D46F04}) (Version: 6.00.08.00 - )
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Internet Manager (HKLM-x32\...\DT_Group KEY40 Internet Manager_is1) (Version: 02.00.12 - Alcatel)
Internet Manager (HKLM-x32\...\Tmobile_Czech Estoril Internet Manager_is1) (Version: - T-mobile)
Island Wars 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110304260}) (Version: - Oberon Media)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 Help-frissítés (KB963678) (HKLM-x32\...\{90120000-0016-040E-0000-0000000FF1CE}_PROHYBRIDR_{76BD9044-91EB-46FC-8CA6-0AA239BB8A93}) (Version: - Microsoft)
Microsoft Office Live Add-in 1.3 (HKLM-x32\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Powerpoint 2007 Help-frissítés (KB963669) (HKLM-x32\...\{90120000-0018-040E-0000-0000000FF1CE}_PROHYBRIDR_{6863CE52-1321-482E-B930-B325EE09AEFF}) (Version: - Microsoft)
Microsoft Office Word 2007 Help-frissítés (KB963665) (HKLM-x32\...\{90120000-001B-040E-0000-0000000FF1CE}_PROHYBRIDR_{0E56E23A-EDB8-42C7-A285-7258C5944EB4}) (Version: - Microsoft)
Microsoft OneDrive (HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVC80_x64 (HKLM\...\{68660049-8D48-427C-9FF7-139D8340CDC0}) (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86 (HKLM-x32\...\{212748BB-0DA5-46DE-82A1-403736DC9F27}) (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{4AA68A73-DB9C-439D-9481-981C82BD008B}) (Version: 7.1.69.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}) (Version: 7.1.40.6 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.40.6 - Nokia)
Nokia Suite (HKLM-x32\...\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}) (Version: 3.3.86.0 - Nokia) Hidden
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.3.86.0 - Nokia)
PC Connectivity Solution (HKLM-x32\...\{A2AA4204-C05A-4013-888A-AD153139297F}) (Version: 11.5.29.0 - Nokia)
Photo Notifier and Animation Creator (HKLM-x32\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
Piggly (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116864777}) (Version: - Oberon Media)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) Hidden
Posodobitev za Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0424-0000-0000000FF1CE}_PROHYBRIDR_{FD705E62-13B4-4BF5-A4B2-A7599309751B}) (Version: - Microsoft)
Posodobitev za Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0424-0000-0000000FF1CE}_PROHYBRIDR_{045DC059-1CCC-47B9-BA35-713E269D33B8}) (Version: - Microsoft)
Posodobitev za Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0424-0000-0000000FF1CE}_PROHYBRIDR_{AD1C31E7-4856-4887-9307-1ABDE0F2DF7C}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
Smileyville (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110413757}) (Version: - Oberon Media)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.93450 - TeamViewer)
T-Mobile Internet Manager (HKLM-x32\...\T-Mobile Communication Centre) (Version: 2017-12-05@2017-04-13 - Gemfor s.r.o.)
Trend Micro Internet Security (HKLM\...\{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}) (Version: 17.50 - Trend Micro Inc.)
Trend Micro Internet Security (HKLM\...\{9D2B0322-44AE-460E-9283-4D2D7A9205AE}) (Version: 17.50 - Trend Micro Inc.) Hidden
UltraISO Premium V9.36 (HKLM-x32\...\UltraISO_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - )
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}) (Version: 14.0.8050.1202 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.26.0 - ASUS)
WinRAR 5.61 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.10 - ASUS)
ZTE Drivers (HKLM-x32\...\{ACC9984D-E78B-4fcd-BE44-4E3F186DDA33}) (Version: 1.2088.0.7 - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\rodinka\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\rodinka\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\rodinka\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\rodinka\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\rodinka\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rodinka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rodinka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rodinka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rodinka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-08] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-08] (AVAST Software)
ShellIconOverlayIdentifiers: [OverlayIconExtension1] -> {fe25455d-b4c2-4e32-97d2-92632ec1c224} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [OverlayIconExtension2] -> {1fae2d88-a78e-4f03-909f-be818a3c1ce6} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-08] (AVAST Software)
ContextMenuHandlers1: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (EZB Systems, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-08] (AVAST Software)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (EZB Systems, Inc.)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-08-25] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-08] (AVAST Software)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1561311962-1441187426-1150558857-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\rodinka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1561311962-1441187426-1150558857-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\rodinka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1561311962-1441187426-1150558857-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\rodinka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {3C0EC33D-CBFC-45F3-90B0-A45FA8554A70} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {5382E3B8-7C25-4183-BFBE-A11F09BD67F1} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-03-28] ()
Task: {56550F2E-D0F2-44C8-A583-CAE07A4DFC19} - System32\Tasks\{7DE5D5B4-8633-4C34-BE0B-5FC133D56512} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.4.0.102/cs/abandoninstall?page=tsBing
Task: {5A4BD829-F7F4-476E-8EDE-B44256CC77E7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-12-10] (Piriform Ltd)
Task: {5D732649-BC8C-495E-A1AC-B82CC9199486} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {5D732649-BC8C-495E-A1AC-B82CC9199486} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {73197AA9-9EBF-4FB5-B7B0-C138DC16A9F0} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {7BC3011A-B562-4641-92EA-B5DD8143E90F} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-05-18] (ASUS)
Task: {842D7842-98B4-4A73-9202-099EF373304C} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-07-23] ()
Task: {85B94C89-D55F-470B-8741-89E15F5B0915} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {85B94C89-D55F-470B-8741-89E15F5B0915} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {8F3BC5A2-EEEC-408F-92CE-F1D9EF85A33E} - System32\Tasks\Avast Emergency Update => C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe [2019-01-08] (AVAST Software)
Task: {95F02511-4B83-4D16-8314-99503B163D5A} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\Real\RealDownloader\downloader2.exe
Task: {A8BAC974-A635-4ED5-8262-069ABD9E91D6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2019-01-11] (AVAST Software)
Task: {B729D963-1A98-4C0C-B555-907230324A67} - System32\Tasks\{9BBCE89E-F745-42A6-B028-EE4F842A78E4} => C:\Program Files (x86)\Skype\Phone\Skype.exe
Task: {C4A4330C-2C02-44C1-86B1-A7729C7A013E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {C4A4330C-2C02-44C1-86B1-A7729C7A013E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {C4A4330C-2C02-44C1-86B1-A7729C7A013E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {C58FEA7B-C177-4F83-8D46-DB511D6EFA73} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1561311962-1441187426-1150558857-1000
Task: {C76C900D-BB43-48E3-A1DB-95D2BF1BC8AD} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2009-07-24] ()
Task: {C8845FC6-A002-4E6E-8C33-1173487FBAD5} - System32\Tasks\ASPG => C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe [2009-06-29] (ASUS)
Task: {CBC1331A-FC6C-4A15-B92B-372C2E2FF9E3} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-07-29] (ATK)
Task: {D3F95ACF-B99F-4688-9412-3D0365C29E80} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {D3F95ACF-B99F-4688-9412-3D0365C29E80} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {EEF4DB7B-61C6-499A-8FA7-D145B9E74CD2} - System32\Tasks\{50327B28-23B6-4EF5-9C3C-A0EDA407D01C} => "c:\program files (x86)\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/6.20.0.104/cs/abandoninstall?page=tsBing
Task: {F1CD5DB2-BF70-4B10-AF97-A2F0F10D8D8F} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {F2491AFA-A274-4A1A-9CB8-195F01DA1941} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-12-10] (Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2009-10-30 18:42 - 2007-08-08 08:08 - 000094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe
2019-01-08 16:56 - 2019-01-08 16:56 - 000667016 _____ () C:\Program Files\Alwil Software\Avast5\streamback.dll
2019-01-11 23:13 - 2019-01-11 23:13 - 006915216 _____ () C:\Program Files\Alwil Software\Avast5\defs\19011104\algo64.dll
2019-01-08 16:56 - 2019-01-08 16:56 - 000550792 _____ () C:\Program Files\Alwil Software\Avast5\gui_cache.dll
2019-01-08 16:56 - 2019-01-08 16:56 - 001175944 _____ () C:\Program Files\Alwil Software\Avast5\hns_tools.dll
2019-01-08 16:56 - 2019-01-08 16:56 - 001967496 _____ () C:\Program Files\Alwil Software\Avast5\shepherdsync.dll
2009-08-25 08:47 - 2009-08-25 08:47 - 000140560 _____ () C:\Program Files (x86)\ASUS\Asus WebStorage\EcaremeDLL.dll
2009-10-30 18:21 - 2009-10-30 18:21 - 000029968 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3524.15966__0d0f4b69e50e559b\SqliteShared.dll
2009-10-30 18:21 - 2009-10-30 18:21 - 000931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
2008-10-01 07:02 - 2008-10-01 07:08 - 000011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2009-07-24 18:32 - 2009-07-24 18:32 - 001593344 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2009-07-23 01:58 - 2009-07-23 01:58 - 000017976 _____ () C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
2009-05-05 18:00 - 2009-05-05 18:00 - 000041472 _____ () C:\Program Files\P4G\DevMng.dll
2009-07-27 18:12 - 2009-07-27 18:12 - 000026624 _____ () C:\Program Files\P4G\OvrClk.dll
2009-10-30 18:42 - 2007-03-10 02:58 - 000124416 _____ () C:\Program Files\ATKGFNEX\AGFNEX64.dll
2008-08-14 04:59 - 2008-08-14 04:59 - 000301624 _____ () C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
2018-12-19 15:06 - 2016-06-17 17:08 - 000078120 _____ () C:\Program Files\T-Mobile\InternetManager_A\IK40\BackgroundService\ServiceManager.exe
2009-10-30 18:44 - 2007-11-30 19:20 - 000051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2018-12-19 14:50 - 2014-12-11 11:24 - 000076584 _____ () C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
2019-01-08 16:56 - 2019-01-08 16:57 - 093695912 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
2009-10-30 18:42 - 2009-05-07 09:51 - 000071680 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2009-10-30 18:42 - 2009-05-07 09:53 - 000379392 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2009-10-30 18:42 - 2008-01-18 07:49 - 000098816 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2009-10-30 18:42 - 2009-07-06 07:37 - 047601664 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2018-12-19 14:50 - 2014-12-11 11:19 - 000159016 _____ () C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe
2018-12-19 15:06 - 2016-07-01 13:46 - 000172840 _____ () C:\Program Files\T-Mobile\InternetManager_A\IK40\BackgroundService\ModemListener.exe
2018-09-19 09:12 - 2018-09-19 09:12 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2009-08-22 10:31 - 2009-08-22 10:31 - 000207656 _____ () C:\Program Files\Trend Micro\Internet Security\UfPack.dll
2009-08-22 14:18 - 2009-08-22 14:18 - 001106864 _____ () C:\Program Files\Trend Micro\Internet Security\sqlite3.dll
2009-10-30 18:44 - 2009-06-22 21:37 - 000212992 _____ () C:\Windows\SysWOW64\Fast Boot\GetBootTime.dll
2008-08-28 00:32 - 2008-08-28 00:32 - 000619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2008-06-09 17:55 - 2008-06-09 17:55 - 000013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-01-04 19:29 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\rodinka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 82.202.74.3 - 82.202.74.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D263435D-EC53-4CD0-8403-EEF70D3CBA44}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
FirewallRules: [{011BC941-B6D4-440F-A0A0-075D0C282A6A}] => (Allow) svchost.exe (Microsoft Corporation)
FirewallRules: [{AE2378BB-A52E-45E9-B97C-80388D64A0B0}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation)
FirewallRules: [TCP Query User{81746517-3440-48B9-8DBE-B06FD5DFE60E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{49E3A9D4-8864-40CB-AA0F-8917FF898C88}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION)
FirewallRules: [{17609F11-3510-489C-B805-3305A8E628A9}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe (SEIKO EPSON CORPORATION)
FirewallRules: [{649F5548-9993-4940-BC53-BC53DC3A92FD}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe (SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{50BE9B1A-F206-42F3-BAD6-21C4505EB126}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{703928BE-5913-411F-BE92-B4EA1544AAB0}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION)
FirewallRules: [{CD3F438C-1B0E-4622-8D6E-F5CD395755FE}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
FirewallRules: [{884418A2-5A09-4E00-B64E-2E03FB62134B}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
FirewallRules: [{972E768E-A928-4DAA-A0DC-CDC78202E744}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
FirewallRules: [{07CFE3CD-31B6-466F-84DA-866F37927570}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
FirewallRules: [TCP Query User{8722E522-6F7E-4BC7-9F61-0EAF07C5484B}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation)
FirewallRules: [UDP Query User{E57D1A96-ACAB-4288-9CA1-5C1008DC4217}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation)
FirewallRules: [{7E002948-3586-4CCB-BDD7-F16A9EAF9A7F}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe (Nokia)
FirewallRules: [{DAC7F701-CD67-474F-A5EE-F991C8CF30A0}] => (Allow) C:\Users\rodinka\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
FirewallRules: [{69AEE8E8-C14F-4E84-B233-D1A428491D80}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
FirewallRules: [{2599C41F-8F8E-4831-AE3E-D56C0B4EBB12}] => (Allow) LPort=2869
FirewallRules: [{8B5CA635-9605-4754-877B-9D38F33E522C}] => (Allow) LPort=1900
FirewallRules: [{A71ACD0B-B249-4B2B-A261-001AAFA2A8AF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{1ED72EBB-2B77-42D7-ACD1-9B230B1C840F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{A108C508-51C9-4425-8B0C-9931635A98C2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{21373F48-D5DD-4DFF-9D6F-50AEB201EC03}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{253ECF4A-9A22-46BC-8858-CFD0D39FFF9F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{08B41DE7-6C67-47F9-BF38-F319CEE47CE5}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{91213628-A359-40E8-8653-867937F97350}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{5CA2403D-D33F-4F85-AAFC-B291346C24A5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{522E1E59-35FA-4D10-87A0-84A680632F03}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{6C90AA52-CB91-4B8D-8A7F-3B60DBBB182C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{52EAD73B-D150-4509-B4E3-9D59908E500D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)

==================== Restore Points =========================

09-01-2019 17:59:24 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/12/2019 11:07:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: esu.exe, verze: 1.0.0.0, časové razítko: 0x58dac8d5
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.23418, časové razítko: 0x5708a7e4
Kód výjimky: 0xe0434352
Posun chyby: 0x0000c54f
ID chybujícího procesu: 0x2d0
Čas spuštění chybující aplikace: 0x01d4aa5e8c217997
Cesta k chybující aplikaci: C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll
ID zprávy: cdc526be-1651-11e9-89a9-cd586b7162b2

Error: (01/12/2019 11:06:59 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: esu.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61.MoveNext()
na System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[[Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61, ExpressSelfUpdater, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](<UpdateDatacenterOverridesAsync>d__61 ByRef)
na Garmin.Omt.Service.Shared.Overrides.UpdateDatacenterOverridesAsync(Boolean)
na Garmin.Omt.Service.Shared.Overrides..cctor()

Informace o výjimce: System.TypeInitializationException
na Garmin.Omt.Service.Shared.Overrides.get_OmtBaseUrl()
na Garmin.Omt.Express.SelfUpdater.Program.RealMain()
na Garmin.Omt.Express.SelfUpdater.Program.Main(System.String[])

Error: (01/11/2019 07:04:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: esu.exe, verze: 1.0.0.0, časové razítko: 0x58dac8d5
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.23418, časové razítko: 0x5708a7e4
Kód výjimky: 0xe0434352
Posun chyby: 0x0000c54f
ID chybujícího procesu: 0x1abc
Čas spuštění chybující aplikace: 0x01d4a9d80040d540
Cesta k chybující aplikaci: C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll
ID zprávy: 4ac5488e-15cb-11e9-b9b0-bf45a4c212af

Error: (01/11/2019 07:04:07 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: esu.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61.MoveNext()
na System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[[Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61, ExpressSelfUpdater, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](<UpdateDatacenterOverridesAsync>d__61 ByRef)
na Garmin.Omt.Service.Shared.Overrides.UpdateDatacenterOverridesAsync(Boolean)
na Garmin.Omt.Service.Shared.Overrides..cctor()

Informace o výjimce: System.TypeInitializationException
na Garmin.Omt.Service.Shared.Overrides.get_OmtBaseUrl()
na Garmin.Omt.Express.SelfUpdater.Program.RealMain()
na Garmin.Omt.Express.SelfUpdater.Program.Main(System.String[])

Error: (01/11/2019 06:58:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (01/11/2019 06:58:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (01/10/2019 12:38:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (01/10/2019 12:38:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.


System errors:
=============
Error: (01/12/2019 12:21:22 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (01/12/2019 12:21:22 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (01/12/2019 12:11:40 PM) (Source: WMPNetworkSvc) (EventID: 14329) (User: )
Description: Služba 'WMPNetworkSvc' nebyla spuštěna správně, protože registr nebylo možné aktualizovat v důsledku chyby '0x80070006'. Pokud je to možné, přeinstalujte program Windows Media Player.

Error: (01/12/2019 12:09:31 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sptd

Error: (01/12/2019 12:09:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Mobile Broadband Extension Service byla ukončena s následující chybou:
%%-2147483576

Error: (01/12/2019 12:09:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Oberon Media Game Console service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/12/2019 12:09:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Oberon Media Game Console service bylo dosaženo časového limitu (30000 ms).

Error: (01/12/2019 12:08:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Garmin Device Interaction Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


Windows Defender:
===================================
Date: 2013-01-19 14:51:26.684
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2012-11-11 18:53:47.062
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2012-04-10 19:11:52.033
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

CodeIntegrity:
===================================

Date: 2016-02-29 19:32:56.688
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\atmfd.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-02-29 19:32:56.469
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\atmfd.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-02-29 19:32:55.362
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\atmfd.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-02-29 19:32:55.143
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\atmfd.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T5870 @ 2.00GHz
Percentage of memory in use: 43%
Total physical RAM: 3037.09 MB
Available physical RAM: 1707.88 MB
Total Virtual: 6072.36 MB
Available Virtual: 4252.62 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:74.52 GB) (Free:5.88 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:208.92 GB) (Free:159.47 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: D9B3496E)
Partition 1: (Not Active) - (Size=14.6 GB) - (Type=1C)
Partition 2: (Active) - (Size=74.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=208.9 GB) - (Type=0F Extended)

==================== End of Addition.txt ============================

sejk
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 01 úno 2014 12:23

Re: Prosím o kontrolu logu

#10 Příspěvek od sejk »

Soubor uploudovan... :)

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu logu

#11 Příspěvek od Diallix »

Este to docistime.

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk [2009-10-30]
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe ()
Toolbar: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?q={searchTerms}&PC=U316&FORM=CHROMN
CHR Extension: (Bing Search Engine) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmkckgpgekmanipelfidlhmkfcjicion [2018-03-22]
Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

sejk
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 01 úno 2014 12:23

Re: Prosím o kontrolu logu

#12 Příspěvek od sejk »

Fix result of Farbar Recovery Scan Tool (x64) Version: 09.01.2019 01
Ran by rodinka (12-01-2019 12:55:56) Run:2
Running from C:\Users\rodinka\Desktop
Loaded Profiles: rodinka (Available Profiles: rodinka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk [2009-10-30]
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe ()
Toolbar: HKU\S-1-5-21-1561311962-1441187426-1150558857-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?q={searchTerms}&PC=U316&FORM=CHROMN
CHR Extension: (Bing Search Engine) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmkckgpgekmanipelfidlhmkfcjicion [2018-03-22]
*****************

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk => moved successfully
C:\Windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe => moved successfully
"HKU\S-1-5-21-1561311962-1441187426-1150558857-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found
HKLM\Software\Classes\PROTOCOLS\Handler\skype4com => removed successfully
HKLM\Software\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer => removed successfully
"Chrome DefaultSearchURL" => removed successfully
CHR Extension: (Bing Search Engine) - C:\Users\rodinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmkckgpgekmanipelfidlhmkfcjicion [2018-03-22] => Error: No automatic fix found for this entry.


The system needed a reboot.

==== End of Fixlog 12:56:05 ====

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu logu

#13 Příspěvek od Diallix »

Subor je cisty.

Ako je na tom pocitac ?
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

sejk
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 01 úno 2014 12:23

Re: Prosím o kontrolu logu

#14 Příspěvek od sejk »

Vypadá to, že se trochu zrychlil nějaké breberky našel ten adwcleaner, takže určitě lepší než to bylo jestli je to vše tak moc díky

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu logu

#15 Příspěvek od Diallix »

Este doporucujem precistit pc s CCleanerom.

V pohodicke, nemate zaco :)
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Odpovědět