Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prevence

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Uživatelský avatar
PredyP
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 1227
Registrován: 24 kvě 2007 21:52
Bydliště: Východ Čech

Prevence

#1 Příspěvek od PredyP »

Dobrý den,
prosím o preventivní kontrolu logu.

Děkuji.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03.03.2019
Ran by Petr (08-03-2019 15:01:37)
Running from C:\Users\Petr\Desktop
Windows 10 Pro Version 1809 17763.316 (X64) (2018-12-27 19:46:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3289169553-1937731841-1937761989-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3289169553-1937731841-1937761989-503 - Limited - Disabled)
Guest (S-1-5-21-3289169553-1937731841-1937761989-501 - Limited - Disabled)
Petr (S-1-5-21-3289169553-1937731841-1937761989-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-3289169553-1937731841-1937761989-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Aktualizace NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
Cake Shop (HKLM-x32\...\Cake Shop_is1) (Version: - FreeGamePick)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon MG2200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series) (Version: 1.01 - Canon Inc.)
Canon MG2200 series On-screen Manual (HKLM-x32\...\Canon MG2200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.53 - Piriform)
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0630 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
GIMP 2.10.6 (HKLM\...\GIMP-2_is1) (Version: 2.10.6 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
High-Definition Video Playback 10 (HKLM-x32\...\{237CCB62-8454-43E3-B158-3ACD0134852E}) (Version: 7.0.11400.29.0 - Nero AG) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.0.3.300 - )
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
LogMeIn Hamachi (HKLM-x32\...\{892DB406-ADF8-4C30-9840-8438AF5B8763}) (Version: 2.2.0.607 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.607 - LogMeIn, Inc.)
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.11600.19.100 - Nero AG)
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11000.12.100 - Nero AG)
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10900.11.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10800.7.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10800.8.100 - Nero AG)
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.13400.11.100 - Nero AG)
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)
Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10900.4.100 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10900.9.100 - Nero AG)
Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10600.2.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0017 - Nero AG)
Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.11100.8.100 - Nero AG)
Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10600.2.100 - Nero AG)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Ovládací panel NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
PDF Architect 6 (HKLM-x32\...\PDF Architect 6) (Version: 6.1.19.842 - pdfforge GmbH)
PDF Architect 6 Create Module (HKLM\...\{A0ACB885-7CDD-4E43-9109-E49CF70E4039}) (Version: 6.1.24.1862 - pdfforge GmbH) Hidden
PDF Architect 6 Edit Module (HKLM\...\{FC39343C-732F-433E-9929-F9D08BA73792}) (Version: 6.1.24.1862 - pdfforge GmbH) Hidden
PDF Architect 6 View Module (HKLM\...\{7FFD0E0F-478A-4393-BBB0-4B20FAF5F3B7}) (Version: 6.1.24.1862 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.4.0 - pdfforge GmbH)
RC Cars (HKLM-x32\...\{7F8EEE16-9240-4B20-8357-13CE74D1858C}) (Version: 1.00.000 - )
Registrace uživatele zařízení Canon MG2200 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG2200 series) (Version: - Canon Inc.‎)
Seznam Software (HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.1.7 - TeamSpeak Systems GmbH)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.3399 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker 2017 (HKLM-x32\...\{3CC29C1A-B5FE-457B-1234-32A2557A92C7}}_is1) (Version: - winmoviemaker)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3289169553-1937731841-1937761989-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PDFArchitect6_ManagerExt] -> {6508EEA0-C540-4420-AF21-64937A1536D0} => C:\Program Files\PDF Architect 6\context-menu.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2018-11-13] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-09-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-09-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {150194B0-8C52-4DEF-8AA7-AD1EAA90C4D0} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1FDEBDF4-F268-402D-A698-651F94BD4B05} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2369229C-A4EB-42B4-A751-A36E8DCD2C93} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {35D0009C-F101-439B-BEE5-F81EF0099DA7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {43C0404B-C2CB-4A0F-AB18-C5ECB2E0A428} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {4900CC67-BAF0-4E73-97F1-2151302DA04C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {4C136BF0-902F-45CB-846C-D5E196363BE3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {524844DA-0AEC-4DB7-A6C7-E0CD6CD77DD3} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {565FCFC3-CC42-4474-99D0-263CEAC7F968} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {68BE86E5-798F-49F0-A0C7-86674730498C} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {76DBC1E5-5E41-444D-BEBA-3A5029A88B2D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8833B7F2-9DB1-451C-9BAF-BEAE2996D8B6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8D63028E-9479-4F0B-AA25-E8C44C69B7A4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A19BB211-4618-4156-9639-4EA2ACAE87B5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {A82BE994-8018-4913-99AD-0ABA4E58106F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BCE8234F-1D3F-49BB-9416-9B34A4E65EFA} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D7DFA32B-0322-4BB4-A0DD-5F67E38B815D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {F12DF0AE-2E17-4AEE-99D3-0D9BE656C86A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-02-18 13:24 - 2019-02-18 13:24 - 000116736 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2018-12-12 11:32 - 2018-12-12 11:32 - 000190784 _____ (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2018-03-09 04:20 - 2018-03-09 04:20 - 000427520 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\PDF Architect 6\libcurl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 14:46 - 2019-01-04 12:59 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\Control Panel\Desktop\\Wallpaper -> D:\Petr\Ovladače\img9.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "NBAgent"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\StartupApproved\Run: => "GSplay.exe"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\StartupApproved\Run: => "Discord"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{30B8288C-A468-472E-8FF5-50C5FA18CB86}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [{E9C86C65-9ED8-4A81-BFCB-764B73B684BF}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{16592C08-95C1-48F9-99D9-80642811D5CC}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{1B6E89D5-B50D-4380-A323-51CE8AEC7744}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [{DE72DE94-52F4-4615-9E1F-B1749A50F6D2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A1539F2F-4CD6-4ADC-BE26-942E4050B361}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F7736ADE-D883-4C93-804E-9CC57B5AA05F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{086A53A0-3E43-47AD-A318-B31713255A76}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1E6E4405-E16D-4EC2-916C-D46A38821FA1}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe No File
FirewallRules: [{B2B2A6D1-7338-4192-A863-22C39BCFC708}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{61627D32-5DB5-4FA0-8839-102B26DA3E77}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{F6027321-B1FC-434F-BD0C-E062344A9914}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe No File
FirewallRules: [{7116FE6D-D84F-4C2B-BAEE-ECA9BD62DA34}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe No File
FirewallRules: [{E2F594AF-B713-4620-8BB5-316DBAFAFFB9}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{79AB53A5-C224-4FEF-A866-60539652648C}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{4D012857-2AE9-4C0C-9F83-015DC8291EAB}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe No File
FirewallRules: [{0CD2A1AC-57E8-41BC-82DA-F1AD4B520829}] => (Block) D:\denisa\hry\hl.exe (Valve) [File not signed]
FirewallRules: [{353DCF7C-96C8-4E5D-B5DC-205D02A9A777}] => (Block) D:\denisa\hry\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{D4433894-6055-41A0-93C6-C7A172EAB387}D:\denisa\hry\hl.exe] => (Allow) D:\denisa\hry\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{058CBFF7-BB93-43D9-B3A7-70C9A125B33B}D:\denisa\hry\hl.exe] => (Allow) D:\denisa\hry\hl.exe (Valve) [File not signed]
FirewallRules: [{8D127293-ABFD-4618-B506-50D9D8793394}] => (Allow) LPort=1900
FirewallRules: [{07FA55F5-DB19-4DA9-9233-7C2EE3F8A6EB}] => (Allow) LPort=2869
FirewallRules: [{9CC983F1-7256-4D80-B558-9E9289ADE325}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3AEECAC4-A50A-4452-B141-C6A6F21F1B9F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{770050BE-2380-4500-9C1B-F78B51925747}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{267FF299-F0AE-4174-A488-36BEB735377B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{CB1F90F5-E730-494F-8501-BC33EA610B6B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{82688194-89FA-46DC-9216-DD29E272473A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{AB61691E-6841-41B2-BCD0-688BA6B536C3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{2A36A11D-B9FA-4327-8F17-FAE10609BA4F}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{A864C599-8C04-4BF2-936B-76335BB32FE2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D7D00A6A-96C6-4B06-9BAC-F47F248916D1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{B8A81A17-5102-46A9-95A3-2938774707C3}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{D6BF4A0B-20B1-49D0-B551-95EEC92497B8}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{7F4CE66B-23A3-4865-AA1D-C4E04FD3AD61}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C7185294-BBB6-4CBE-9547-68CDA90BD821}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{48F0143F-230C-459C-B0DA-34BA8DC72131}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{1E4B868D-27E7-4DD8-B9BF-D8155B39072C}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe No File
FirewallRules: [{6D6C2339-D52F-4DB8-BC1F-8065955F8390}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe No File
FirewallRules: [{D3EB137D-A5D0-4CB0-BC13-9B0EC2DDDFC7}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{3FF72D6D-6FB4-4BB1-82CA-D73EF6579EE9}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{ABC8992A-2801-49F3-834B-D2AA44A6206E}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe No File
FirewallRules: [{F5434D83-5D8A-4F1A-98F1-BE03EC501D0F}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe No File
FirewallRules: [{C4542DE9-F148-483F-B240-43F1CD646833}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe No File
FirewallRules: [{D0ADFB0D-6B45-4FC5-AF4F-23D77750C68E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{55596F2E-8F9B-4243-89E5-722E1F5DBC59}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{6193C384-088B-434D-91F4-3461B540F395}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{2E5EE08C-9920-479F-B638-11CB81CF94ED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{CDCD7420-4AEB-43B4-AB07-F5924DE7607C}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{0CCA05CD-7CAE-46B9-B142-CDC79CBE08EF}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe No File
FirewallRules: [{D2796A38-3B40-4F55-8F27-7FDB9CFC3B8B}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe No File
FirewallRules: [{667CAEFB-2D6E-4324-8100-27041DAEA818}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{82DCCF2D-C5CC-4E8D-AE27-E0A2E045DF4F}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{9C80A67C-36F6-4A0E-B79A-FBE5A746C80D}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe No File
FirewallRules: [{21D57B28-EF06-4C5A-93EE-9840FA9C5DAA}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe No File
FirewallRules: [{5F903A4C-2D7A-4757-9B2F-091E761238CD}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{0AE7F0B9-B261-4BE6-BF5E-517B373BB09D}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{D7D339CC-DB73-4EAD-AF73-150CF817BCA8}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe No File
FirewallRules: [{6774AD9A-7B10-4127-A712-6E45B1C61A2A}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe No File
FirewallRules: [{07D7E575-0876-4EA9-8F83-B82E27A9BC95}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe No File
FirewallRules: [{FB7E7925-B1B8-49F0-BCA5-BF9BF541ADAF}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{8D2E899D-C59D-49AD-912C-96CE8F185928}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{7106153C-D3FF-4A2B-98E2-E68746973671}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{6FBC8265-0B3A-4B50-ACB2-35F12A0F5DF9}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe No File
FirewallRules: [{D975FC76-A764-4F1E-9B3F-F7ABAA999C6B}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe No File
FirewallRules: [{A65DCD14-C085-47F5-94DD-73B1236E1C5A}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{E1788035-98FB-4A03-AE85-972F9E8802FC}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{12E19D37-DAE9-4596-9720-016A9B247371}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe No File
FirewallRules: [{023686E5-D3D8-434C-9CDD-F0D6566591A7}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe No File
FirewallRules: [{B156CB7A-F3D7-4B84-980E-59F2AC4455AE}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{594FF8EC-6F7F-4C4A-A96C-3037D6141809}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A2E13999-DD3B-4874-9785-126AF2F3CA68}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe No File
FirewallRules: [{C170FE9F-44A1-4868-A279-BF8727544BE2}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe No File
FirewallRules: [{6FD37815-CC4E-47BF-86DD-9A3E687D90E3}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{47690762-19B3-4416-9B31-59D6E56CDF1A}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{17030EE2-844A-48BD-9FBE-B071CD95AA88}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe No File
FirewallRules: [{09BC1A2A-4937-4B16-B181-2FF7FA001CDA}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe No File
FirewallRules: [{E07FD692-9812-4B5F-9FEE-3EB629266647}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{AEE59C55-0F1B-4BCF-A475-5241C2CEC9ED}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{215744FA-7E40-448F-82A0-FBFC5DB87542}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe No File
FirewallRules: [{2B41554B-DE24-4C40-A0C1-97D1C3B1FB71}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe No File
FirewallRules: [{502F532A-5AD9-44DA-93D5-8818ED9772C8}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{787E2274-22C2-4B53-BCA2-414B62576850}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{4CAC24D8-234B-4A84-95EA-3F2150553D8C}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [{FF326C55-EE35-42A9-8717-C0AF5ADFCCF0}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [{895730FA-608D-4EE1-B2A9-EB3C3A57D005}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [{18FBB872-3CD6-45B6-8892-BA4CF1650EB4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [TCP Query User{CE2EF043-F47A-4AAD-B7BE-ACD06F88378E}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{91DF8EB5-777B-4B4A-8C59-B1F4808FBC13}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [{E1BADE63-46A0-47F2-9E45-2ED29BB36B91}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [{675CB410-6934-4126-ADBC-E27C17730217}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe (Riot Games, Inc. -> )

==================== Restore Points =========================

27-02-2019 18:53:17 Naplánovaný kontrolní bod
06-03-2019 20:47:21 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/04/2019 08:17:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: smartscreen.exe, verze: 10.0.17763.1, časové razítko: 0x0eee9872
Název chybujícího modulu: smartscreen.exe, verze: 10.0.17763.1, časové razítko: 0x0eee9872
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000008ab4f
ID chybujícího procesu: 0xe1c
Čas spuštění chybující aplikace: 0x01d4d2ad324c45f8
Cesta k chybující aplikaci: C:\Windows\System32\smartscreen.exe
Cesta k chybujícímu modulu: C:\Windows\System32\smartscreen.exe
ID zprávy: d1800533-bb68-4574-9d71-7d460947790b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/01/2019 10:30:42 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostw (11440,R,98) WebCacheLocal: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -528.

Error: (03/01/2019 10:30:32 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (11440,R,98) WebCacheLocal: Pokus o otevření souboru C:\Users\Petr\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (03/01/2019 10:30:22 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (11440,R,98) WebCacheLocal: Pokus o otevření souboru C:\Users\Petr\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (03/01/2019 10:30:03 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (11440,R,98) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Petr\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).

Error: (03/01/2019 10:30:03 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (11440,R,98) WebCacheLocal: Pokus o otevření souboru C:\Users\Petr\AppData\Local\Microsoft\Windows\WebCache\V01.log pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (02/22/2019 02:14:38 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (02/22/2019 02:06:18 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet


System errors:
=============
Error: (03/07/2019 10:00:09 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-GC5ULMC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/07/2019 10:00:09 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-GC5ULMC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/07/2019 09:31:14 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GC5ULMC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-GC5ULMC\Petr (SID: S-1-5-21-3289169553-1937731841-1937761989-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/07/2019 01:00:54 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/07/2019 01:00:54 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/07/2019 01:00:54 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/07/2019 01:00:53 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/07/2019 01:00:53 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===================================

Date: 2019-02-22 14:08:11.865
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-22 14:08:11.862
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-22 14:08:11.854
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-22 14:08:11.851
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-19 21:33:55.634
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-29 13:36:57.088
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: AMD Phenom(tm) II X6 1055T Processor
Percentage of memory in use: 37%
Total physical RAM: 8191.18 MB
Available physical RAM: 5159.94 MB
Total Virtual: 10452.26 MB
Available Virtual: 6533.58 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.97 GB) (Free:887.64 GB) NTFS
Drive d: (Uložiště) (Fixed) (Total:1863.01 GB) (Free:491.43 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{9b0c9b0c-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.13 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: F8F2D247)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.03.2019
Ran by Petr (administrator) on DESKTOP-GC5ULMC (08-03-2019 14:59:55)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 10 Pro Version 1809 17763.316 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 6\creator\common\creator-ws.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 6\updater-ws.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 6\ws.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20453.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Seznam.cz, a.s. -> ) C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Seznam.cz, a.s. -> ) C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19021.10411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11231.20192.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11231.20192.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-09-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [Discord] => C:\Users\Petr\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\MountPoints2: {60fab0bb-c598-11e8-84d9-8c89a57d66c9} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\MountPoints2: {983d85b5-1bfb-11e9-84ea-8c89a57d66c9} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [221184 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-06] (Google LLC -> Google Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{57b5d926-2e23-4a29-98e1-a3b60a16c0c5}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: PDF Architect 6 Helper -> {9FD094B1-A4BF-415A-82AE-8C2845D0B769} -> C:\Program Files\PDF Architect 6\creator\plugins\IEAddin\creator-ie-helper.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: PDF Architect 6 Helper -> {9FD094B1-A4BF-415A-82AE-8C2845D0B769} -> C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-helper.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-22] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - PDF Architect 6 Toolbar - {E8536605-CA24-4DFF-B1BC-316EE27F6DF7} - C:\Program Files\PDF Architect 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - PDF Architect 6 Toolbar - {E8536605-CA24-4DFF-B1BC-316EE27F6DF7} - C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3289169553-1937731841-1937761989-1001 -> hxxp://seznam.cz/

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> D:\Denisa\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxp://seznam.cz/"
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2019-03-07]
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-08]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-08]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2019-02-13]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-08]
CHR Extension: (Virtuální klavír) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cohgcponedmbhgbbdinajeoapmoaifdj [2018-11-20]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-08]
CHR Extension: (slovo vyhledávání) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggckablhhmjagmokplgnbamljajnhanm [2018-06-08]
CHR Extension: (Picditor Photo Editor) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggdplhaiiohpkafnlhlfikiomnboacoi [2018-06-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (AdBlock) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-02-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-08]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2019-02-13]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-08]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-08]
CHR HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3648616 2018-09-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] (Canon Inc. -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
R3 PDF Architect 6; C:\Program Files\PDF Architect 6\ws.exe [2569976 2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 6 Creator; C:\Program Files\PDF Architect 6\creator\common\creator-ws.exe [832248 2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 6 Update Service; C:\Program Files\PDF Architect 6\updater-ws.exe [1665272 2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5381128 2019-01-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11660528 2018-12-07] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-27] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-27] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225680 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196072 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320696 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57960 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167304 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034432 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474456 2019-02-16] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216784 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379952 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-09-25] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-09-25] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2018-05-23] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 L1C; C:\WINDOWS\System32\drivers\L1C63x64.sys [121344 2018-09-15] (Microsoft Windows -> Qualcomm Atheros Co., Ltd.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c1a085cc86772d3f\nvlddmkm.sys [17544792 2018-03-25] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46680 2018-12-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [330936 2018-12-27] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-27] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-08 14:59 - 2019-03-08 15:01 - 000020829 _____ C:\Users\Petr\Desktop\FRST.txt
2019-03-08 14:59 - 2019-03-08 14:59 - 000000000 ____D C:\FRST
2019-03-08 14:58 - 2019-03-08 14:58 - 002434560 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2019-02-24 16:44 - 2019-02-26 16:37 - 000000000 ____D C:\Users\Petr\.oracle_jre_usage
2019-02-22 14:14 - 2019-02-22 14:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia
2019-02-18 13:29 - 2019-02-18 13:29 - 000000000 ____D C:\Users\Petr\AppData\Local\pdfforge
2019-02-18 13:25 - 2019-02-18 13:38 - 000000000 ____D C:\Users\Petr\AppData\Roaming\PDF Architect 6
2019-02-18 13:25 - 2019-02-18 13:30 - 000000000 ____D C:\Users\Petr\AppData\Local\PDFCreator
2019-02-18 13:25 - 2019-02-18 13:26 - 000000000 ____D C:\Program Files\PDF Architect 6
2019-02-18 13:25 - 2019-02-18 13:26 - 000000000 ____D C:\Program Files (x86)\PDF Architect 6
2019-02-18 13:25 - 2019-02-18 13:25 - 000001136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 6.lnk
2019-02-18 13:25 - 2019-02-18 13:25 - 000000000 ____D C:\Users\Petr\Documents\PDF Architect
2019-02-18 13:25 - 2019-02-18 13:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 6
2019-02-18 13:24 - 2019-03-01 22:31 - 000000000 ____D C:\Program Files\PDFCreator
2019-02-18 13:24 - 2019-02-18 13:39 - 000000000 ____D C:\ProgramData\PDF Architect 6
2019-02-18 13:24 - 2019-02-18 13:24 - 000116736 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2019-02-18 13:24 - 2019-02-18 13:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2019-02-18 13:09 - 2019-02-18 13:09 - 000205424 _____ C:\Users\Petr\Documents\IMG_20190218_0002.pdf
2019-02-18 13:08 - 2019-02-18 13:08 - 000516119 _____ C:\Users\Petr\Documents\IMG_20190218_0001.pdf
2019-02-14 20:50 - 2019-02-18 16:36 - 000000000 ____D C:\Users\Petr\Denisa Vysoká škola
2019-02-14 20:50 - 2019-02-14 20:51 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-02-14 11:21 - 2019-02-14 11:21 - 026807296 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 023439360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 020812288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 019023872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 009683984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-14 11:21 - 2019-02-14 11:21 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 006540424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 006070272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 004885504 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 004688896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 004627456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 003922944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 002927120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 002721280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 002626592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 002469648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 002437552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 002021584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 001969680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 001700864 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 001671864 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 001467560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 001255736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-02-14 11:21 - 2019-02-14 11:21 - 001050936 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-02-14 11:21 - 2019-02-14 11:21 - 001050624 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000982576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000982032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 000765960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 000475152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-14 11:21 - 2019-02-14 11:21 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000421904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000419128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 000387384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000047136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-14 11:21 - 2019-02-14 11:21 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000033056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-02-14 11:21 - 2019-02-14 11:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-02-14 11:21 - 2019-02-14 11:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-02-14 11:21 - 2019-02-14 11:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-02-14 11:21 - 2019-02-14 11:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-02-14 11:21 - 2019-02-14 11:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-02-14 11:21 - 2019-02-14 11:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-02-14 11:21 - 2019-02-14 11:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-02-14 11:21 - 2019-02-14 11:21 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-02-08 16:21 - 2019-02-08 16:20 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-02-08 09:14 - 2019-02-08 09:14 - 000000000 ____D C:\Program Files\VideoLAN
2019-02-08 09:13 - 2019-02-08 09:13 - 041846888 _____ C:\Users\Petr\Downloads\vlc-3.0.6-win64.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-08 14:57 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-08 14:45 - 2018-12-27 20:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-08 12:28 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-08 12:28 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-03-08 12:25 - 2018-06-07 08:47 - 000000000 ____D C:\ProgramData\NVIDIA
2019-03-08 11:15 - 2018-12-19 18:03 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Seznam.cz
2019-03-08 11:13 - 2018-12-27 20:45 - 000004210 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B620A067-F333-4478-A6CC-B1B86B683051}
2019-03-07 21:59 - 2018-10-19 16:21 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2019-03-07 21:40 - 2018-11-03 23:18 - 000000000 ____D C:\Users\Petr\AppData\Roaming\TS3Client
2019-03-06 21:23 - 2018-06-08 07:19 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-06 18:59 - 2018-06-07 11:15 - 000000000 ____D C:\ProgramData\CanonIJPLM
2019-03-05 21:07 - 2018-06-09 15:50 - 000000000 ____D C:\Users\Petr\AppData\Roaming\TeamViewer
2019-03-05 19:22 - 2018-12-27 20:45 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-03-04 20:17 - 2018-06-07 22:01 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2019-03-01 22:31 - 2018-12-21 15:33 - 000000000 ___DC C:\WINDOWS\Panther
2019-03-01 22:31 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-03-01 22:31 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-03-01 22:28 - 2018-12-27 20:45 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-03-01 22:28 - 2018-06-08 08:50 - 000000000 ____D C:\Program Files\CCleaner
2019-03-01 13:20 - 2018-06-09 15:50 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-02-27 20:02 - 2018-12-27 20:27 - 000000000 ____D C:\Users\Petr
2019-02-24 15:18 - 2018-06-08 07:10 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-22 14:07 - 2018-12-27 20:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-02-22 14:07 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-02-16 13:08 - 2018-06-07 22:14 - 000474456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-02-14 14:44 - 2018-12-27 20:23 - 000445240 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-14 14:42 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-02-14 14:42 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-14 14:37 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-14 11:16 - 2018-06-07 09:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-14 11:13 - 2018-06-07 09:21 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-10 20:03 - 2018-12-27 20:45 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3289169553-1937731841-1937761989-1001
2019-02-10 20:03 - 2018-12-27 20:27 - 000002433 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-10 20:03 - 2018-06-07 08:45 - 000000000 ___RD C:\Users\Petr\OneDrive
2019-02-08 16:21 - 2018-10-27 10:58 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-02-08 16:21 - 2018-09-15 08:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-02-08 16:21 - 2018-06-07 22:14 - 000379952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-02-08 16:21 - 2018-06-07 22:14 - 000216784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-02-08 16:21 - 2018-06-07 22:14 - 000167304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-02-08 16:21 - 2018-06-07 22:14 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-02-08 16:21 - 2018-06-07 22:14 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-02-08 16:20 - 2019-01-14 15:33 - 000225680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-02-08 16:20 - 2019-01-07 14:47 - 000320696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-02-08 16:20 - 2019-01-07 14:47 - 000196072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-02-08 16:20 - 2019-01-07 14:47 - 000057960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-02-08 16:20 - 2019-01-07 14:47 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-02-08 16:20 - 2018-06-07 22:14 - 001034432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-02-08 16:20 - 2018-06-07 22:14 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-02-08 09:14 - 2018-10-19 16:19 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk

==================== Files in the root of some directories =======

2018-12-19 17:55 - 2018-12-19 17:55 - 000000863 _____ () C:\Users\Petr\AppData\Local\recently-used.xbel

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prevence

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Seznam Software / Seznam Listicka mas nainstalovany umyselne? Ak nie resp. to nepotrebujes/nepouzivas, odporucam odinstalovat.

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Uživatelský avatar
PredyP
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 1227
Registrován: 24 kvě 2007 21:52
Bydliště: Východ Čech

Re: Prevence

#3 Příspěvek od PredyP »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-03-04.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-09-2019
# Duration: 00:00:05
# OS: Windows 10 Pro
# Cleaned: 9
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Not Deleted C:\Users\Petr\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Email
Deleted Seznam doplněk - Esko

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1992 octets] - [09/03/2019 14:36:41]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prevence

#4 Příspěvek od Conder »

Seznam Software / Seznam Listicka mas nainstalovany umyselne?
:???:

:arrow: Poprosim o obidva nove logy z FRST.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Uživatelský avatar
PredyP
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 1227
Registrován: 24 kvě 2007 21:52
Bydliště: Východ Čech

Re: Prevence

#5 Příspěvek od PredyP »

Zapomněl jsem napsat že mi nešel odinstalovat

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.03.2019 01
Ran by Petr (10-03-2019 00:40:17)
Running from C:\Users\Petr\Desktop
Windows 10 Pro Version 1809 17763.316 (X64) (2018-12-27 19:46:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3289169553-1937731841-1937761989-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3289169553-1937731841-1937761989-503 - Limited - Disabled)
Guest (S-1-5-21-3289169553-1937731841-1937761989-501 - Limited - Disabled)
Petr (S-1-5-21-3289169553-1937731841-1937761989-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-3289169553-1937731841-1937761989-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Aktualizace NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
Cake Shop (HKLM-x32\...\Cake Shop_is1) (Version: - FreeGamePick)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon MG2200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series) (Version: 1.01 - Canon Inc.)
Canon MG2200 series On-screen Manual (HKLM-x32\...\Canon MG2200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.54 - Piriform)
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0630 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
GIMP 2.10.6 (HKLM\...\GIMP-2_is1) (Version: 2.10.6 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
High-Definition Video Playback 10 (HKLM-x32\...\{237CCB62-8454-43E3-B158-3ACD0134852E}) (Version: 7.0.11400.29.0 - Nero AG) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.0.3.300 - )
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
LogMeIn Hamachi (HKLM-x32\...\{892DB406-ADF8-4C30-9840-8438AF5B8763}) (Version: 2.2.0.607 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.607 - LogMeIn, Inc.)
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.11600.19.100 - Nero AG)
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11000.12.100 - Nero AG)
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10900.11.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10800.7.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10800.8.100 - Nero AG)
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.13400.11.100 - Nero AG)
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)
Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10900.4.100 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10900.9.100 - Nero AG)
Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10600.2.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0017 - Nero AG)
Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.11100.8.100 - Nero AG)
Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10600.2.100 - Nero AG)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Ovládací panel NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
PDF Architect 6 (HKLM-x32\...\PDF Architect 6) (Version: 6.1.19.842 - pdfforge GmbH)
PDF Architect 6 Create Module (HKLM\...\{A0ACB885-7CDD-4E43-9109-E49CF70E4039}) (Version: 6.1.24.1862 - pdfforge GmbH) Hidden
PDF Architect 6 Edit Module (HKLM\...\{FC39343C-732F-433E-9929-F9D08BA73792}) (Version: 6.1.24.1862 - pdfforge GmbH) Hidden
PDF Architect 6 View Module (HKLM\...\{7FFD0E0F-478A-4393-BBB0-4B20FAF5F3B7}) (Version: 6.1.24.1862 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.4.0 - pdfforge GmbH)
RC Cars (HKLM-x32\...\{7F8EEE16-9240-4B20-8357-13CE74D1858C}) (Version: 1.00.000 - )
Registrace uživatele zařízení Canon MG2200 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG2200 series) (Version: - Canon Inc.‎)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.1.7 - TeamSpeak Systems GmbH)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.3399 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker 2017 (HKLM-x32\...\{3CC29C1A-B5FE-457B-1234-32A2557A92C7}}_is1) (Version: - winmoviemaker)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3289169553-1937731841-1937761989-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PDFArchitect6_ManagerExt] -> {6508EEA0-C540-4420-AF21-64937A1536D0} => C:\Program Files\PDF Architect 6\context-menu.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2018-11-13] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-09-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-09-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {150194B0-8C52-4DEF-8AA7-AD1EAA90C4D0} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1FDEBDF4-F268-402D-A698-651F94BD4B05} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2369229C-A4EB-42B4-A751-A36E8DCD2C93} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3436060E-829E-4CD6-9CA4-60AB9846C299} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {35D0009C-F101-439B-BEE5-F81EF0099DA7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {43C0404B-C2CB-4A0F-AB18-C5ECB2E0A428} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {4900CC67-BAF0-4E73-97F1-2151302DA04C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {4C136BF0-902F-45CB-846C-D5E196363BE3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {524844DA-0AEC-4DB7-A6C7-E0CD6CD77DD3} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {565FCFC3-CC42-4474-99D0-263CEAC7F968} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {68BE86E5-798F-49F0-A0C7-86674730498C} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8833B7F2-9DB1-451C-9BAF-BEAE2996D8B6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8D63028E-9479-4F0B-AA25-E8C44C69B7A4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A19BB211-4618-4156-9639-4EA2ACAE87B5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {A82BE994-8018-4913-99AD-0ABA4E58106F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BCE8234F-1D3F-49BB-9416-9B34A4E65EFA} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D7DFA32B-0322-4BB4-A0DD-5F67E38B815D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {F12DF0AE-2E17-4AEE-99D3-0D9BE656C86A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-02-18 13:24 - 2019-02-18 13:24 - 000116736 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2018-12-12 11:32 - 2018-12-12 11:32 - 000190784 _____ (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2018-03-09 04:20 - 2018-03-09 04:20 - 000427520 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\PDF Architect 6\libcurl.dll
2019-03-09 14:43 - 2019-03-09 14:43 - 032393728 _____ (Dolby) [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.521.0_x64__rz1tebttyb220\DolbyUWP.dll
2018-12-27 21:05 - 2018-12-27 21:06 - 000948736 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.521.0_x64__rz1tebttyb220\e_sqlite3.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 14:46 - 2019-01-04 12:59 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\Control Panel\Desktop\\Wallpaper -> D:\Petr\Ovladače\img9.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "NBAgent"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\StartupApproved\Run: => "GSplay.exe"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\StartupApproved\Run: => "Discord"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{30B8288C-A468-472E-8FF5-50C5FA18CB86}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [{E9C86C65-9ED8-4A81-BFCB-764B73B684BF}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{16592C08-95C1-48F9-99D9-80642811D5CC}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{1B6E89D5-B50D-4380-A323-51CE8AEC7744}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [{DE72DE94-52F4-4615-9E1F-B1749A50F6D2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A1539F2F-4CD6-4ADC-BE26-942E4050B361}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F7736ADE-D883-4C93-804E-9CC57B5AA05F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{086A53A0-3E43-47AD-A318-B31713255A76}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1E6E4405-E16D-4EC2-916C-D46A38821FA1}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe No File
FirewallRules: [{B2B2A6D1-7338-4192-A863-22C39BCFC708}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{61627D32-5DB5-4FA0-8839-102B26DA3E77}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{F6027321-B1FC-434F-BD0C-E062344A9914}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe No File
FirewallRules: [{7116FE6D-D84F-4C2B-BAEE-ECA9BD62DA34}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe No File
FirewallRules: [{E2F594AF-B713-4620-8BB5-316DBAFAFFB9}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{79AB53A5-C224-4FEF-A866-60539652648C}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{4D012857-2AE9-4C0C-9F83-015DC8291EAB}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe No File
FirewallRules: [{0CD2A1AC-57E8-41BC-82DA-F1AD4B520829}] => (Block) D:\denisa\hry\hl.exe (Valve) [File not signed]
FirewallRules: [{353DCF7C-96C8-4E5D-B5DC-205D02A9A777}] => (Block) D:\denisa\hry\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{D4433894-6055-41A0-93C6-C7A172EAB387}D:\denisa\hry\hl.exe] => (Allow) D:\denisa\hry\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{058CBFF7-BB93-43D9-B3A7-70C9A125B33B}D:\denisa\hry\hl.exe] => (Allow) D:\denisa\hry\hl.exe (Valve) [File not signed]
FirewallRules: [{8D127293-ABFD-4618-B506-50D9D8793394}] => (Allow) LPort=1900
FirewallRules: [{07FA55F5-DB19-4DA9-9233-7C2EE3F8A6EB}] => (Allow) LPort=2869
FirewallRules: [{9CC983F1-7256-4D80-B558-9E9289ADE325}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3AEECAC4-A50A-4452-B141-C6A6F21F1B9F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{770050BE-2380-4500-9C1B-F78B51925747}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{267FF299-F0AE-4174-A488-36BEB735377B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{CB1F90F5-E730-494F-8501-BC33EA610B6B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{82688194-89FA-46DC-9216-DD29E272473A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{AB61691E-6841-41B2-BCD0-688BA6B536C3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{2A36A11D-B9FA-4327-8F17-FAE10609BA4F}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{A864C599-8C04-4BF2-936B-76335BB32FE2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D7D00A6A-96C6-4B06-9BAC-F47F248916D1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{B8A81A17-5102-46A9-95A3-2938774707C3}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{D6BF4A0B-20B1-49D0-B551-95EEC92497B8}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{7F4CE66B-23A3-4865-AA1D-C4E04FD3AD61}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C7185294-BBB6-4CBE-9547-68CDA90BD821}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{48F0143F-230C-459C-B0DA-34BA8DC72131}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{1E4B868D-27E7-4DD8-B9BF-D8155B39072C}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe No File
FirewallRules: [{6D6C2339-D52F-4DB8-BC1F-8065955F8390}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe No File
FirewallRules: [{D3EB137D-A5D0-4CB0-BC13-9B0EC2DDDFC7}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{3FF72D6D-6FB4-4BB1-82CA-D73EF6579EE9}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{ABC8992A-2801-49F3-834B-D2AA44A6206E}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe No File
FirewallRules: [{F5434D83-5D8A-4F1A-98F1-BE03EC501D0F}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe No File
FirewallRules: [{C4542DE9-F148-483F-B240-43F1CD646833}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe No File
FirewallRules: [{D0ADFB0D-6B45-4FC5-AF4F-23D77750C68E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{55596F2E-8F9B-4243-89E5-722E1F5DBC59}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{6193C384-088B-434D-91F4-3461B540F395}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{2E5EE08C-9920-479F-B638-11CB81CF94ED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{CDCD7420-4AEB-43B4-AB07-F5924DE7607C}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{0CCA05CD-7CAE-46B9-B142-CDC79CBE08EF}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe No File
FirewallRules: [{D2796A38-3B40-4F55-8F27-7FDB9CFC3B8B}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe No File
FirewallRules: [{667CAEFB-2D6E-4324-8100-27041DAEA818}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{82DCCF2D-C5CC-4E8D-AE27-E0A2E045DF4F}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{9C80A67C-36F6-4A0E-B79A-FBE5A746C80D}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe No File
FirewallRules: [{21D57B28-EF06-4C5A-93EE-9840FA9C5DAA}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe No File
FirewallRules: [{5F903A4C-2D7A-4757-9B2F-091E761238CD}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{0AE7F0B9-B261-4BE6-BF5E-517B373BB09D}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{D7D339CC-DB73-4EAD-AF73-150CF817BCA8}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe No File
FirewallRules: [{6774AD9A-7B10-4127-A712-6E45B1C61A2A}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe No File
FirewallRules: [{07D7E575-0876-4EA9-8F83-B82E27A9BC95}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe No File
FirewallRules: [{FB7E7925-B1B8-49F0-BCA5-BF9BF541ADAF}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{8D2E899D-C59D-49AD-912C-96CE8F185928}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{7106153C-D3FF-4A2B-98E2-E68746973671}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{6FBC8265-0B3A-4B50-ACB2-35F12A0F5DF9}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe No File
FirewallRules: [{D975FC76-A764-4F1E-9B3F-F7ABAA999C6B}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe No File
FirewallRules: [{A65DCD14-C085-47F5-94DD-73B1236E1C5A}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{E1788035-98FB-4A03-AE85-972F9E8802FC}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{12E19D37-DAE9-4596-9720-016A9B247371}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe No File
FirewallRules: [{023686E5-D3D8-434C-9CDD-F0D6566591A7}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe No File
FirewallRules: [{B156CB7A-F3D7-4B84-980E-59F2AC4455AE}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{594FF8EC-6F7F-4C4A-A96C-3037D6141809}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A2E13999-DD3B-4874-9785-126AF2F3CA68}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe No File
FirewallRules: [{C170FE9F-44A1-4868-A279-BF8727544BE2}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe No File
FirewallRules: [{6FD37815-CC4E-47BF-86DD-9A3E687D90E3}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{47690762-19B3-4416-9B31-59D6E56CDF1A}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{17030EE2-844A-48BD-9FBE-B071CD95AA88}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe No File
FirewallRules: [{09BC1A2A-4937-4B16-B181-2FF7FA001CDA}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe No File
FirewallRules: [{E07FD692-9812-4B5F-9FEE-3EB629266647}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{AEE59C55-0F1B-4BCF-A475-5241C2CEC9ED}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{215744FA-7E40-448F-82A0-FBFC5DB87542}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe No File
FirewallRules: [{2B41554B-DE24-4C40-A0C1-97D1C3B1FB71}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe No File
FirewallRules: [{502F532A-5AD9-44DA-93D5-8818ED9772C8}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{787E2274-22C2-4B53-BCA2-414B62576850}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{4CAC24D8-234B-4A84-95EA-3F2150553D8C}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe No File
FirewallRules: [{FF326C55-EE35-42A9-8717-C0AF5ADFCCF0}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe No File
FirewallRules: [{895730FA-608D-4EE1-B2A9-EB3C3A57D005}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe No File
FirewallRules: [{18FBB872-3CD6-45B6-8892-BA4CF1650EB4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [TCP Query User{CE2EF043-F47A-4AAD-B7BE-ACD06F88378E}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{91DF8EB5-777B-4B4A-8C59-B1F4808FBC13}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [{E1BADE63-46A0-47F2-9E45-2ED29BB36B91}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [{675CB410-6934-4126-ADBC-E27C17730217}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [TCP Query User{8824E41C-7AC1-48B3-AA41-8D3955470417}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{6FBCF71D-15D9-47FD-9052-17F3874E8262}D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe] => (Allow) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [{362AC3E8-67FB-4F3D-AB57-ACBEC779858D}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [{1B6296BB-C571-43EA-81AA-D6A5C91F2BB3}] => (Block) D:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe (Riot Games, Inc. -> )

==================== Restore Points =========================

27-02-2019 18:53:17 Naplánovaný kontrolní bod
06-03-2019 20:47:21 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/04/2019 08:17:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: smartscreen.exe, verze: 10.0.17763.1, časové razítko: 0x0eee9872
Název chybujícího modulu: smartscreen.exe, verze: 10.0.17763.1, časové razítko: 0x0eee9872
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000008ab4f
ID chybujícího procesu: 0xe1c
Čas spuštění chybující aplikace: 0x01d4d2ad324c45f8
Cesta k chybující aplikaci: C:\Windows\System32\smartscreen.exe
Cesta k chybujícímu modulu: C:\Windows\System32\smartscreen.exe
ID zprávy: d1800533-bb68-4574-9d71-7d460947790b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/01/2019 10:30:42 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostw (11440,R,98) WebCacheLocal: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -528.

Error: (03/01/2019 10:30:32 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (11440,R,98) WebCacheLocal: Pokus o otevření souboru C:\Users\Petr\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (03/01/2019 10:30:22 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (11440,R,98) WebCacheLocal: Pokus o otevření souboru C:\Users\Petr\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (03/01/2019 10:30:03 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (11440,R,98) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Petr\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).

Error: (03/01/2019 10:30:03 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (11440,R,98) WebCacheLocal: Pokus o otevření souboru C:\Users\Petr\AppData\Local\Microsoft\Windows\WebCache\V01.log pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (02/22/2019 02:14:38 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (02/22/2019 02:06:18 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet


System errors:
=============
Error: (03/09/2019 02:38:25 PM) (Source: DCOM) (EventID: 10001) (User: NT AUTHORITY)
Description: Nelze spustit server DCOM: {995C996E-D918-4A8C-A302-45719A6F4EA7} jako Není k dispozici/Není k dispozici. Došlo k chybě:
0
při provádění příkazu:
C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding

Error: (03/09/2019 02:37:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (03/09/2019 02:37:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PDF Architect 6 Creator byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/09/2019 02:37:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PDF Architect 6 byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/09/2019 02:37:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Nero Update byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/09/2019 02:37:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/09/2019 02:37:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (03/09/2019 02:37:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PDF Architect 6 Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================

Date: 2019-03-09 14:38:37.546
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-03-09 14:38:37.543
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-03-09 14:38:37.536
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-03-09 14:38:37.533
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-22 14:08:11.865
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-22 14:08:11.862
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-22 14:08:11.854
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-22 14:08:11.851
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: AMD Phenom(tm) II X6 1055T Processor
Percentage of memory in use: 36%
Total physical RAM: 8191.18 MB
Available physical RAM: 5206.57 MB
Total Virtual: 9471.18 MB
Available Virtual: 5781.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.97 GB) (Free:888.2 GB) NTFS
Drive d: (Uložiště) (Fixed) (Total:1863.01 GB) (Free:491.45 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{9b0c9b0c-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.13 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: F8F2D247)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9B0C9B0C)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.03.2019 01
Ran by Petr (administrator) on DESKTOP-GC5ULMC (10-03-2019 00:38:38)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 10 Pro Version 1809 17763.316 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 6\updater-ws.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 6\creator\common\creator-ws.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 6\ws.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20453.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19021.10411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11231.20192.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11231.20192.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-09-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\Run: [Discord] => C:\Users\Petr\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\MountPoints2: {60fab0bb-c598-11e8-84d9-8c89a57d66c9} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\MountPoints2: {983d85b5-1bfb-11e9-84ea-8c89a57d66c9} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [221184 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-06] (Google LLC -> Google Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{57b5d926-2e23-4a29-98e1-a3b60a16c0c5}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: PDF Architect 6 Helper -> {9FD094B1-A4BF-415A-82AE-8C2845D0B769} -> C:\Program Files\PDF Architect 6\creator\plugins\IEAddin\creator-ie-helper.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: PDF Architect 6 Helper -> {9FD094B1-A4BF-415A-82AE-8C2845D0B769} -> C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-helper.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-22] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - PDF Architect 6 Toolbar - {E8536605-CA24-4DFF-B1BC-316EE27F6DF7} - C:\Program Files\PDF Architect 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - PDF Architect 6 Toolbar - {E8536605-CA24-4DFF-B1BC-316EE27F6DF7} - C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3289169553-1937731841-1937761989-1001 -> hxxp://seznam.cz/

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> D:\Denisa\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxp://seznam.cz/"
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2019-03-07]
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-08]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-08]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2019-02-13]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-08]
CHR Extension: (Virtuální klavír) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cohgcponedmbhgbbdinajeoapmoaifdj [2018-11-20]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-08]
CHR Extension: (slovo vyhledávání) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggckablhhmjagmokplgnbamljajnhanm [2018-06-08]
CHR Extension: (Picditor Photo Editor) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggdplhaiiohpkafnlhlfikiomnboacoi [2018-06-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (AdBlock) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-02-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-08]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2019-02-13]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-08]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-08]
CHR HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3648616 2018-09-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] (Canon Inc. -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
R3 PDF Architect 6; C:\Program Files\PDF Architect 6\ws.exe [2569976 2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 6 Creator; C:\Program Files\PDF Architect 6\creator\common\creator-ws.exe [832248 2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 6 Update Service; C:\Program Files\PDF Architect 6\updater-ws.exe [1665272 2018-10-23] (pdfforge GmbH -> pdfforge GmbH)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5381128 2019-01-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11660528 2018-12-07] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-27] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-27] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225680 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196072 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320696 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57960 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167304 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034432 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474456 2019-02-16] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216784 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379952 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-09-25] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-09-25] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2018-05-23] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 L1C; C:\WINDOWS\System32\drivers\L1C63x64.sys [121344 2018-09-15] (Microsoft Windows -> Qualcomm Atheros Co., Ltd.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c1a085cc86772d3f\nvlddmkm.sys [17544792 2018-03-25] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46680 2018-12-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [330936 2018-12-27] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-27] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-10 00:38 - 2019-03-10 00:39 - 000020371 _____ C:\Users\Petr\Desktop\FRST.txt
2019-03-10 00:38 - 2019-03-10 00:38 - 000000000 ____D C:\Users\Petr\Desktop\FRST-OlderVersion
2019-03-09 14:36 - 2019-03-09 14:37 - 000000000 ____D C:\AdwCleaner
2019-03-09 14:35 - 2019-03-09 14:35 - 007316688 _____ (Malwarebytes) C:\Users\Petr\Desktop\adwcleaner_7.2.7.0.exe
2019-03-08 14:59 - 2019-03-10 00:38 - 000000000 ____D C:\FRST
2019-03-08 14:58 - 2019-03-10 00:38 - 002434560 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2019-02-24 16:44 - 2019-02-26 16:37 - 000000000 ____D C:\Users\Petr\.oracle_jre_usage
2019-02-22 14:14 - 2019-02-22 14:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia
2019-02-18 13:29 - 2019-02-18 13:29 - 000000000 ____D C:\Users\Petr\AppData\Local\pdfforge
2019-02-18 13:25 - 2019-02-18 13:38 - 000000000 ____D C:\Users\Petr\AppData\Roaming\PDF Architect 6
2019-02-18 13:25 - 2019-02-18 13:30 - 000000000 ____D C:\Users\Petr\AppData\Local\PDFCreator
2019-02-18 13:25 - 2019-02-18 13:26 - 000000000 ____D C:\Program Files\PDF Architect 6
2019-02-18 13:25 - 2019-02-18 13:26 - 000000000 ____D C:\Program Files (x86)\PDF Architect 6
2019-02-18 13:25 - 2019-02-18 13:25 - 000001136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 6.lnk
2019-02-18 13:25 - 2019-02-18 13:25 - 000000000 ____D C:\Users\Petr\Documents\PDF Architect
2019-02-18 13:25 - 2019-02-18 13:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 6
2019-02-18 13:24 - 2019-03-01 22:31 - 000000000 ____D C:\Program Files\PDFCreator
2019-02-18 13:24 - 2019-02-18 13:39 - 000000000 ____D C:\ProgramData\PDF Architect 6
2019-02-18 13:24 - 2019-02-18 13:24 - 000116736 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2019-02-18 13:24 - 2019-02-18 13:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2019-02-18 13:09 - 2019-02-18 13:09 - 000205424 _____ C:\Users\Petr\Documents\IMG_20190218_0002.pdf
2019-02-18 13:08 - 2019-02-18 13:08 - 000516119 _____ C:\Users\Petr\Documents\IMG_20190218_0001.pdf
2019-02-14 20:50 - 2019-02-18 16:36 - 000000000 ____D C:\Users\Petr\Denisa Vysoká škola
2019-02-14 20:50 - 2019-02-14 20:51 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-02-14 11:21 - 2019-02-14 11:21 - 026807296 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 023439360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 020812288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 019023872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 009683984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-14 11:21 - 2019-02-14 11:21 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 006540424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 006070272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 004885504 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 004688896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 004627456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 003922944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 002927120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 002721280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 002626592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 002469648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 002437552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 002021584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 001969680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 001700864 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 001671864 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 001467560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 001255736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-02-14 11:21 - 2019-02-14 11:21 - 001050936 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-02-14 11:21 - 2019-02-14 11:21 - 001050624 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000982576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000982032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 000765960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 000475152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-14 11:21 - 2019-02-14 11:21 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000421904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000419128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 000387384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000047136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-14 11:21 - 2019-02-14 11:21 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-02-14 11:21 - 2019-02-14 11:21 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000033056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-14 11:21 - 2019-02-14 11:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-02-14 11:21 - 2019-02-14 11:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-02-14 11:21 - 2019-02-14 11:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-02-14 11:21 - 2019-02-14 11:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-02-14 11:21 - 2019-02-14 11:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-02-14 11:21 - 2019-02-14 11:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-02-14 11:21 - 2019-02-14 11:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-02-14 11:21 - 2019-02-14 11:21 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-02-14 11:21 - 2019-02-14 11:21 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-02-08 16:21 - 2019-02-08 16:20 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-02-08 09:14 - 2019-02-08 09:14 - 000000000 ____D C:\Program Files\VideoLAN
2019-02-08 09:13 - 2019-02-08 09:13 - 041846888 _____ C:\Users\Petr\Downloads\vlc-3.0.6-win64.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-10 00:38 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-09 23:27 - 2018-12-27 20:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-09 20:43 - 2018-12-27 20:45 - 000004210 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B620A067-F333-4478-A6CC-B1B86B683051}
2019-03-09 19:02 - 2018-06-07 08:47 - 000000000 ____D C:\ProgramData\NVIDIA
2019-03-09 19:00 - 2018-12-27 20:45 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-03-09 14:44 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-09 14:44 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-03-09 14:41 - 2018-06-08 08:50 - 000000000 ____D C:\Program Files\CCleaner
2019-03-09 14:40 - 2018-12-27 20:45 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-03-09 14:38 - 2018-12-27 20:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-09 14:38 - 2018-06-09 15:50 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-03-09 14:37 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-03-09 14:34 - 2018-12-19 18:03 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Seznam.cz
2019-03-07 21:59 - 2018-10-19 16:21 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2019-03-07 21:40 - 2018-11-03 23:18 - 000000000 ____D C:\Users\Petr\AppData\Roaming\TS3Client
2019-03-06 21:23 - 2018-06-08 07:19 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-06 18:59 - 2018-06-07 11:15 - 000000000 ____D C:\ProgramData\CanonIJPLM
2019-03-05 21:07 - 2018-06-09 15:50 - 000000000 ____D C:\Users\Petr\AppData\Roaming\TeamViewer
2019-03-04 20:17 - 2018-06-07 22:01 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2019-03-01 22:31 - 2018-12-21 15:33 - 000000000 ___DC C:\WINDOWS\Panther
2019-03-01 22:31 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-03-01 22:31 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-02-27 20:02 - 2018-12-27 20:27 - 000000000 ____D C:\Users\Petr
2019-02-24 15:18 - 2018-06-08 07:10 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-16 13:08 - 2018-06-07 22:14 - 000474456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-02-14 14:44 - 2018-12-27 20:23 - 000445240 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-14 14:42 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-02-14 14:42 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-14 14:37 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-14 11:16 - 2018-06-07 09:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-14 11:13 - 2018-06-07 09:21 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-10 20:03 - 2018-12-27 20:45 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3289169553-1937731841-1937761989-1001
2019-02-10 20:03 - 2018-12-27 20:27 - 000002433 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-10 20:03 - 2018-06-07 08:45 - 000000000 ___RD C:\Users\Petr\OneDrive
2019-02-08 16:21 - 2018-10-27 10:58 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-02-08 16:21 - 2018-09-15 08:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-02-08 16:21 - 2018-06-07 22:14 - 000379952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-02-08 16:21 - 2018-06-07 22:14 - 000216784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-02-08 16:21 - 2018-06-07 22:14 - 000167304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-02-08 16:21 - 2018-06-07 22:14 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-02-08 16:21 - 2018-06-07 22:14 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-02-08 16:20 - 2019-01-14 15:33 - 000225680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-02-08 16:20 - 2019-01-07 14:47 - 000320696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-02-08 16:20 - 2019-01-07 14:47 - 000196072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-02-08 16:20 - 2019-01-07 14:47 - 000057960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-02-08 16:20 - 2019-01-07 14:47 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-02-08 16:20 - 2018-06-07 22:14 - 001034432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-02-08 16:20 - 2018-06-07 22:14 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-02-08 09:14 - 2018-10-19 16:19 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk

==================== Files in the root of some directories =======

2018-12-19 17:55 - 2018-12-19 17:55 - 000000863 _____ () C:\Users\Petr\AppData\Local\recently-used.xbel

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prevence

#6 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
    
    HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\MountPoints2: {60fab0bb-c598-11e8-84d9-8c89a57d66c9} - "G:\HiSuiteDownLoader.exe" 
    HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\MountPoints2: {983d85b5-1bfb-11e9-84ea-8c89a57d66c9} - "G:\HiSuiteDownLoader.exe" 
    HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
    Edge HomeButtonPage: HKU\S-1-5-21-3289169553-1937731841-1937761989-1001 -> hxxp://seznam.cz/
    CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxp://seznam.cz/"
    CHR NewTab: Default ->  Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
    CHR HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
    2019-03-10 00:38 - 2019-03-10 00:38 - 000000000 ____D C:\Users\Petr\Desktop\FRST-OlderVersion
    2019-03-09 14:34 - 2018-12-19 18:03 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Seznam.cz
    C:\Program Files (x86)\Seznam.cz
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Uživatelský avatar
PredyP
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 1227
Registrován: 24 kvě 2007 21:52
Bydliště: Východ Čech

Re: Prevence

#7 Příspěvek od PredyP »

Fix result of Farbar Recovery Scan Tool (x64) Version: 09.03.2019 01
Ran by Petr (10-03-2019 09:21:42) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe

HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\MountPoints2: {60fab0bb-c598-11e8-84d9-8c89a57d66c9} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\...\MountPoints2: {983d85b5-1bfb-11e9-84ea-8c89a57d66c9} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
Edge HomeButtonPage: HKU\S-1-5-21-3289169553-1937731841-1937761989-1001 -> hxxp://seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxp://seznam.cz/"
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
2019-03-10 00:38 - 2019-03-10 00:38 - 000000000 ____D C:\Users\Petr\Desktop\FRST-OlderVersion
2019-03-09 14:34 - 2018-12-19 18:03 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Seznam.cz
C:\Program Files (x86)\Seznam.cz

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 15
Average :
Sum : 14094727
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe ========================

C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
File not signed
MD5: 9CEE2BBB060DC4B7062BE4461774A7A0
Creation and modification date: 2018-12-12 11:32 - 2018-12-12 11:32
Size: 000190784
Attributes: ----A
Company Name: Huawei Technologies Co., Ltd. ->
Internal Name: DCSHOST
Original Name: HuaweiHiSuiteService.EXE
Product: HuaweiHiSuiteService
Description: HuaweiHiSuiteService
File Version: 2, 0, 0, 42
Product Version: 2, 0, 0, 42
Copyright: Copyright (C) 2008
VirusTotal: https://www.virustotal.com/file/bbe3aee ... 552100023/

====== End of File: ======

HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60fab0bb-c598-11e8-84d9-8c89a57d66c9} => removed successfully
HKLM\Software\Classes\CLSID\{60fab0bb-c598-11e8-84d9-8c89a57d66c9} => not found
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{983d85b5-1bfb-11e9-84ea-8c89a57d66c9} => removed successfully
HKLM\Software\Classes\CLSID\{983d85b5-1bfb-11e9-84ea-8c89a57d66c9} => not found
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\\HomeButtonPage" => removed successfully
"Chrome StartupUrls" => removed successfully
"Chrome NewTab" => removed successfully
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\SOFTWARE\Google\Chrome\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig => removed successfully
HKU\S-1-5-21-3289169553-1937731841-1937761989-1001\SOFTWARE\Google\Chrome\Extensions\olfeabkoenfaoljndfecamgilllcpiak => removed successfully
"C:\Users\Petr\Desktop\FRST-OlderVersion" => not found
C:\Users\Petr\AppData\Roaming\Seznam.cz => moved successfully
"C:\Program Files (x86)\Seznam.cz" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 44426234 B
Java, Flash, Steam htmlcache => 1079 B
Windows/system/drivers => 2661152 B
Edge => 314372966 B
Chrome => 372450068 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 904 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Petr => 110489620 B

RecycleBin => 2614121 B
EmptyTemp: => 817.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:23:02 ====

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prevence

#8 Příspěvek od Conder »

:arrow: Ako to vyzera s PC? Su este nejake problemy?
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Uživatelský avatar
PredyP
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 1227
Registrován: 24 kvě 2007 21:52
Bydliště: Východ Čech

Re: Prevence

#9 Příspěvek od PredyP »

Neměl s pc problém. Software seznam asi nainstalovala dcera s něčím.
Jestli je to vše děkuji Vám za pomoc.
:worship: :worship: :worship:

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prevence

#10 Příspěvek od Conder »

:arrow: Ano, logy vyzeraju OK.

:arrow: Tak este upraceme po pouzitych nastrojoch:
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Uživatelský avatar
PredyP
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 1227
Registrován: 24 kvě 2007 21:52
Bydliště: Východ Čech

Re: Prevence

#11 Příspěvek od PredyP »

Ještě jednou děkuji za pomoc.

:worship: :worship: :worship:

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prevence

#12 Příspěvek od Conder »

Nie je zaco, rad som pomohol :)
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Zamčeno