PC virus removal, computer speed-up, and remote help via the neslape.cz service

One preventive check, please

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
kodl74
Visitor
Posts: 178
Registered: 10 May 2007 17:14

One preventive check, please

#1 Post by kodl74 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-08-2019 02
Ran by Karlíkxy (administrator) on VELKEJPC (Gigabyte Technology Co., Ltd. GA-MA770T-UD3) (09-08-2019 21:59:08)
Running from C:\Users\Karlíkxy\Desktop\Nová složka
Loaded Profiles: Karlíkxy (Available Profiles: Karlíkxy)
Platform: Windows 10 Pro Version 1809 17763.615 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(DESlock Limited -> DESlock Limited.) C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\Nexus.exe
(Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\WsxService.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [180448 2019-07-21] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-04-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [VICTORY Gaming Keyboard] => C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [270336 2013-11-11] () [File not signed]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Run: [EsetPasswordManager] => C:\Program Files\ESET\ESET Password Manager\pwm.exe [113648 2019-04-29] (Lamantine Software a.s. -> ESET)
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53646904 2019-07-18] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Run: [Nexus] => C:\Program Files (x86)\Winstep\Nexus.exe [17959552 2019-03-01] (Winstep Software Technologies) [File not signed]
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [604128 2018-11-01] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\MountPoints2: {6bc1cec3-3048-11e9-8543-1c6f658aab67} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\MountPoints2: {df940eb5-9c28-11e9-8564-1c6f658aab67} - "F:\Setup.exe"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\MountPoints2: {df940f8a-9c28-11e9-8564-1c6f658aab67} - "F:\Setup.exe"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\DREAMA~1.SCR [141312 2018-01-14] () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2017-05-15]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1362D4B2-119F-4D89-BB22-CFFC79D30111} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4519576 2019-08-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {1B4B14F6-0646-4409-A65F-239C12FAA5F5} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [746056 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {401A4F49-C2AE-4AA9-9038-55EA9D055483} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [114736 2019-08-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {5296E58E-6D54-4666-AA35-D66D2CC5D826} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27351864 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {5906DD94-AC24-4EDF-A907-A70E82417D89} - System32\Tasks\AdobeGCInvoker-1.0-VELKEJPC-Karlíkxy => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {62E336EF-2760-4806-8CF4-E8C8079F51B9} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1447064 2019-08-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {64183814-E2EF-41F9-BB4A-94E6912C34B0} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {80AB00B5-53D6-4FDE-AE49-D3469867C000} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27351864 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {8E0836A4-FE9A-40BD-9744-7F0706C5447C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1447064 2019-08-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {A110620B-FDDB-455B-B1E0-CC7047CFA86E} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [746056 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A5834D3B-067C-4770-92F5-B87AC00C36F0} - System32\Tasks\Opera scheduled Autoupdate 1557004838 => C:\Users\Karlíkxy\AppData\Local\Programs\Opera\launcher.exe [1348120 2019-08-07] (Opera Software AS -> Opera Software)
Task: {ADB774B2-A85A-40FD-B267-4D55D0FC7C49} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4519576 2019-08-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {B7D34523-3F35-42A6-81A0-2F5C5C9C8FBB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [114736 2019-08-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {CA4BBF4E-79AF-42CC-BF56-3AC51F1ADEE5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [660040 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D5691FF7-C0E9-4B7C-AC9C-79CBFA6C2DFF} - System32\Tasks\RogueKiller Anti-Malware => C:\Users\Karlíkxy\Desktop\RogueKiller_portable64.exe
Task: {E7E0A54E-FEAD-4B2E-9848-FD58754EDBE4} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [524360 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EE8BBE94-B545-4568-9BE0-39BF260A8A13} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {F0FE289A-9FD9-4D0B-ADEE-6D92C3908F8A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [660040 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{c6eac970-e2c8-4318-998b-1c9e3e635683}: [DhcpNameServer] 192.168.100.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-4144462506-2486898719-981058799-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-02] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: kmapm4jw.default
FF ProfilePath: C:\Users\Karlíkxy\AppData\Roaming\TomTom\HOME\Profiles\eq9k5pmv.default [2019-05-05]
FF Homepage: TomTom\HOME\Profiles\eq9k5pmv.default -> about:home
FF NewTab: TomTom\HOME\Profiles\eq9k5pmv.default -> about:newtab
FF Extension: (RenaultTheme) - C:\Users\Karlíkxy\AppData\Roaming\TomTom\HOME\Profiles\eq9k5pmv.default\Extensions\RenaultTheme@tomtom.com [2019-03-14] [Legacy] [not signed]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2019-03-23] [Legacy] [not signed]
FF ProfilePath: C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default [2019-08-09]
FF Homepage: Mozilla\Firefox\Profiles\kmapm4jw.default -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\kmapm4jw.default -> about:newtab
FF NewTabOverride: Mozilla\Firefox\Profiles\kmapm4jw.default -> Disabled: admin@fastaddons.com_GroupSpeedDial
FF NewTabOverride: Mozilla\Firefox\Profiles\kmapm4jw.default -> Disabled: pavel.sherbakov@gmail.com
FF NewTabOverride: Mozilla\Firefox\Profiles\kmapm4jw.default -> Disabled: quickdial@matmoul.com
FF NewTabOverride: Mozilla\Firefox\Profiles\kmapm4jw.default -> Disabled: {0a79bc58-665f-4534-a7ea-6d61d68194fb}
FF Extension: (AdGuard AdBlocker) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\adguardadblocker@adguard.com.xpi [2019-07-04]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2019-01-05]
FF Extension: (Google Translator for Firefox) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\translator@zoli.bod.xpi [2019-05-07]
FF Extension: (Blue Flower Vine by M♥Donna) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{04001c8a-6eff-4659-9196-0a552edd725a}.xpi [2019-05-11]
FF Extension: (tranquil blue) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{0d1802ae-eebf-4526-855b-1879b45e66cb}.xpi [2019-05-14]
FF Extension: (Ship in Lighthouse Reflection) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{2db9f8d0-ee99-4d57-a581-2722da1b573d}.xpi [2019-05-07]
FF Extension: (Dark Cubes) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{2dbb0302-0a64-4964-bb64-d157474dd324}.xpi [2019-05-14]
FF Extension: (Animated A Toon Town Christmas) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{328c92e1-1e11-4985-a74e-96aa60d8d243}.xpi [2019-05-14]
FF Extension: (Google Translate (In Page Translate)) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{3d09bd90-da37-41b5-a719-8da173e9870f}.xpi [2019-06-30]
FF Extension: (Deep Dark Blue Forest) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{5db58b6b-6fbc-4be3-b48d-e536ac711a10}.xpi [2019-05-14]
FF Extension: (Tv Firefox) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{6eafd633-df99-4fc0-a515-039ba8f8f253}.xpi [2019-05-14]
FF Extension: (FFX Developer) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{73574968-e44d-401e-8477-43882b7c9f22}.xpi [2019-05-14]
FF Extension: (Fox in the Clouds) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{aa842ed2-c0e8-4238-a894-c71e5bb2e97d}.xpi [2019-05-14]
FF Extension: (esafox) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{b526b65f-3165-4dcc-a534-3474d1de766b}.xpi [2019-05-14]
FF Extension: (FamousFox) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{bbf9b829-01fb-4406-8200-7622ed399df5}.xpi [2019-05-14]
FF Extension: (лиса) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{cdfd0c6c-8fc0-4565-ab49-fe3437600595}.xpi [2019-05-14]
FF Extension: (Grayfox) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{ceb971ca-37e6-4c49-ab6e-1d1a97a1eb8c}.xpi [2019-05-14]
FF Extension: (Winter Cabin Collage by M♥Donna) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{dba00d63-b5fe-4363-a4cf-e918ca9db46a}.xpi [2019-05-14]
FF Extension: (FirefoxClassicalBlue) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{dc4152a2-0127-4e36-aaf9-7a0ab4c46dc0}.xpi [2019-05-14]
FF Extension: (Dark Fox) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2019-05-14]
FF Extension: (Blue Flow) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{fb1fb250-2fd9-4f24-85ba-23dfcbf9f4e1}.xpi [2019-05-14]
FF Extension: (No Name) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [1999-12-31] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [1999-12-31] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-4144462506-2486898719-981058799-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [1999-12-31] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)

Opera:
=======
OPR Extension: (Translator) - C:\Users\Karlíkxy\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2019-08-09]
OPR Extension: (uBlock Origin) - C:\Users\Karlíkxy\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2019-08-09]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11469920 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
R2 dlpsrv; C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe [542400 2017-11-02] (DESlock Limited -> DESlock Limited.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2428848 2019-07-21] (ESET, spol. s r.o. -> ESET)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5356848 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3831576 2019-06-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
R2 Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService.exe [775680 2018-06-06] (Winstep Software Technologies) [File not signed]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\WINDOWS\System32\drivers\amdide64.sys [13848 2019-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices Inc.)
R0 DLMFENC; C:\WINDOWS\System32\DRIVERS\DLMFENC.sys [174152 2018-02-27] (DESlock Limited -> DESlock Ltd.)
R0 DLPCRYPT; C:\WINDOWS\System32\DRIVERS\dlpcrypt.sys [121728 2017-11-02] (DESlock Limited -> DESlock Ltd.)
R0 dlpvdisk; C:\WINDOWS\System32\DRIVERS\dlpvdisk.sys [98296 2017-11-02] (DESlock Limited -> DESlock Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [49056 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149144 2019-07-21] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [102464 2019-07-21] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189232 2019-07-21] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50488 2019-07-21] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [76896 2019-07-21] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [113336 2019-07-21] (ESET, spol. s r.o. -> ESET)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 gdrv; C:\WINDOWS\gdrv.sys [26192 2019-04-27] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-04-11] (Martin Malik - REALiX -> REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a8e74171e1b8492\nvlddmkm.sys [20736208 2019-04-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1138136 2019-04-11] (Realtek Semiconductor Corp. -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [452008 2019-04-07] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R0 VDLPToken2; C:\WINDOWS\System32\DRIVERS\vdlptkn2.sys [135672 2017-11-02] (DESlock Limited -> DESlock Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [155632 2015-08-07] (Gionee Communication Equipment Co.Ltd.Shenzhen -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-05-07] (Zemana Ltd. -> Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-09 21:58 - 2019-08-09 21:59 - 000000000 ____D C:\FRST
2019-08-09 21:57 - 2019-08-09 21:59 - 000000000 ____D C:\Users\Karlíkxy\Desktop\Nová složka
2019-08-09 19:51 - 2019-08-09 19:52 - 000000000 ____D C:\Users\Karlíkxy\Desktop\Bíle ikony
2019-08-09 19:50 - 2019-08-09 20:41 - 000000000 ____D C:\Users\Karlíkxy\Desktop\Black grei
2019-08-09 18:45 - 2019-08-09 18:45 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\CEF
2019-08-02 23:18 - 2019-08-02 23:22 - 000000000 ____D C:\Users\Karlíkxy\Desktop\kniha
2019-08-02 21:31 - 2019-08-02 21:31 - 000002559 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-08-02 21:31 - 2019-08-02 21:31 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-08-02 21:31 - 2019-08-02 21:31 - 000002530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-08-02 21:31 - 2019-08-02 21:31 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-08-02 21:31 - 2019-08-02 21:31 - 000002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2019-08-02 21:31 - 2019-08-02 21:31 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-08-02 21:31 - 2019-08-02 21:31 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-08-02 21:31 - 2019-08-02 21:31 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-08-02 21:31 - 2019-08-02 21:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-08-02 21:30 - 2019-08-02 21:30 - 000212992 _____ C:\WINDOWS\system32\ClickToRun_Pipeline16

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-09 21:59 - 2018-05-07 12:29 - 000766861 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2019-08-09 21:58 - 2017-03-17 12:45 - 000000000 ____D C:\Users\Karlíkxy\AppData\LocalLow\Mozilla
2019-08-09 21:56 - 2018-10-13 20:01 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\uTorrent
2019-08-09 21:56 - 2017-12-10 11:59 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\CrashDumps
2019-08-09 21:32 - 2019-02-09 13:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-08-09 20:14 - 2019-06-05 12:16 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\Dream Aquarium
2019-08-09 19:25 - 2018-07-04 12:06 - 000000000 ____D C:\Users\Karlíkxy\Documents\American Truck Simulator
2019-08-09 19:11 - 2019-06-14 11:10 - 000000000 ____D C:\Users\Karlíkxy\Documents\Euro Truck Simulator 2
2019-08-09 19:11 - 2017-03-17 13:30 - 000000000 ____D C:\Program Files (x86)\Steam
2019-08-09 17:00 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-09 15:43 - 2018-05-07 12:05 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\ConnectedDevicesPlatform
2019-08-09 15:33 - 2017-03-17 15:10 - 000000000 ____D C:\Games
2019-08-09 15:32 - 2018-03-27 17:15 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\Wargaming.net
2019-08-09 15:26 - 2018-05-19 21:17 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\D3DSCache
2019-08-09 15:17 - 2019-05-04 23:20 - 000004188 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1557004838
2019-08-09 15:17 - 2019-05-04 23:20 - 000001456 _____ C:\Users\Karlíkxy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-08-09 15:17 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-09 15:17 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-07 19:42 - 2017-04-16 17:20 - 000000000 ____D C:\ProgramData\NVIDIA
2019-08-07 19:17 - 2018-03-10 00:48 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\vlc
2019-08-02 21:30 - 2018-07-13 18:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-07-30 18:58 - 2019-06-11 20:38 - 000000000 ____D C:\Users\Karlíkxy\Desktop\NIKON Foto
2019-07-24 14:45 - 2019-01-20 10:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-07-21 21:06 - 2019-02-09 13:48 - 001693636 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-21 21:06 - 2018-09-15 19:39 - 000716776 _____ C:\WINDOWS\system32\perfh005.dat
2019-07-21 21:06 - 2018-09-15 19:39 - 000144856 _____ C:\WINDOWS\system32\perfc005.dat
2019-07-21 21:06 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-07-21 20:59 - 2019-02-09 13:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-21 20:59 - 2017-03-17 12:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-07-21 20:58 - 2018-09-15 08:09 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2019-07-21 20:58 - 2017-10-18 17:36 - 000189232 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2019-07-21 20:58 - 2017-10-18 17:36 - 000149144 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2019-07-21 20:58 - 2017-10-18 17:36 - 000113336 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2019-07-21 20:58 - 2017-10-18 17:36 - 000102464 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2019-07-21 20:58 - 2017-10-18 17:36 - 000076896 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2019-07-21 20:58 - 2017-10-18 17:36 - 000050488 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2019-07-19 21:40 - 2017-03-20 21:23 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-07-13 23:56 - 2018-02-02 21:52 - 000000000 ___RD C:\Users\Karlíkxy\Desktop\Bordel z plochy
2019-07-13 10:32 - 2019-04-06 11:50 - 000000000 ____D C:\Users\Karlíkxy\Documents\Wondershare Filmora 9
2019-07-13 10:32 - 2019-04-06 11:50 - 000000000 ____D C:\ProgramData\Wondershare Filmora

==================== Files in the root of some directories ================

2018-02-10 22:18 - 2018-02-10 22:18 - 000099384 _____ () C:\Users\Karlíkxy\AppData\Roaming\inst.exe
2018-02-10 22:18 - 2018-02-10 22:18 - 000007859 _____ () C:\Users\Karlíkxy\AppData\Roaming\pcouffin.cat
2018-02-10 22:18 - 2018-02-10 22:18 - 000001167 _____ () C:\Users\Karlíkxy\AppData\Roaming\pcouffin.inf
2018-02-10 22:18 - 2018-02-10 22:18 - 000000055 _____ () C:\Users\Karlíkxy\AppData\Roaming\pcouffin.log
2018-02-10 22:18 - 2018-02-10 22:18 - 000082816 _____ (VSO Software) C:\Users\Karlíkxy\AppData\Roaming\pcouffin.sys
2019-03-28 19:04 - 2019-03-28 19:04 - 000000208 _____ () C:\Users\Karlíkxy\AppData\Roaming\VELKEJPC.MTBF.txt
2019-03-28 19:05 - 2019-03-28 19:05 - 000003584 _____ () C:\Users\Karlíkxy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-26 15:40 - 2017-07-26 15:40 - 000000017 _____ () C:\Users\Karlíkxy\AppData\Local\resmon.resmoncfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

kodl74
Visitor
Posts: 178
Registered: 10 May 2007 17:14

Re: Requesting a preventive check

#2 Post by kodl74 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-08-2019 02
Ran by Karlíkxy (09-08-2019 22:01:20)
Running from C:\Users\Karlíkxy\Desktop\Nová složka
Windows 10 Pro Version 1809 17763.615 (X64) (2019-02-09 11:52:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4144462506-2486898719-981058799-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4144462506-2486898719-981058799-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-4144462506-2486898719-981058799-1000 - Limited - Disabled)
Guest (S-1-5-21-4144462506-2486898719-981058799-501 - Limited - Disabled)
Karlíkxy (S-1-5-21-4144462506-2486898719-981058799-1001 - Administrator - Enabled) => C:\Users\Karlíkxy
WDAGUtilityAccount (S-1-5-21-4144462506-2486898719-981058799-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Photoshop 2019 verze 20.00 (HKLM-x32\...\{9E1F210A-36E7-4881-AE00-B36393244797}_is1) (Version: 20.00 - MOJE SRO)
Ashampoo Burning Studio 20 (HKLM-x32\...\{91B33C97-155F-C10C-D4D6-CABA03805EE4}_is1) (Version: 20.0.2 - Ashampoo GmbH & Co. KG)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
C5300 (HKLM-x32\...\{095FC6D2-DF7E-40C1-B4AF-FFB3EC472BEB}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM-x32\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM-x32\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version: - ) Hidden
CPUID CPU-Z 1.86 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.86 - CPUID, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.01 - NVIDIA Corporation) Hidden
DjVuLibre+DjView (HKLM-x32\...\DjVuLibre+DjView) (Version: 3.5.22+4.5 - DjVuZone)
Dream Aquarium (HKLM-x32\...\{D2A56D72-6200-4F72-95B2-D74D70333B3C}_is1) (Version: - Alan Kapler, Spiralmonkey Software)
ESET Premium Line Encryption (HKLM\...\{2B31C297-1E0A-4082-B95B-E41B8822FF3D}) (Version: 1.0.14 - ESET) Hidden
ESET Security (HKLM\...\{0F462EFA-8AE8-4C2A-BC94-0AFFF17A8245}) (Version: 12.2.23.0 - ESET, spol. s r.o.)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Gaming Keyboard Driver (HKLM-x32\...\{B3CDED64-7DC2-429D-A325-BBC3CF793AA6}) (Version: 1.0 - Senbiz)
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.0.3.300 - Huawei Technologies Co.,Ltd)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart C5300 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{12440487-BEA5-48CF-A36C-C86F5D350999}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Mac Blu-ray Player (HKLM-x32\...\Mac Blu-ray Player) (Version: 2.17.4.3289 - Macgo Inc.)
Malwarebytes verze 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Metro 2033 Redux (HKLM-x32\...\1436434037_is1) (Version: 2.0.0.2 - GOG.com)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{0513c9cf-7191-45a7-ace9-ecdad03c93a4}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{10dc8dbf-d3d7-4e23-be07-120fe5c66b78}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2017 RC Redistributable (x64) - 14.10.24728 (HKLM-x32\...\{197f8e1a-7e93-4cb4-a4f9-19dc2c2c4ee2}) (Version: 14.10.24728.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 RC Redistributable (x86) - 14.10.24728 (HKLM-x32\...\{38602f72-a7f8-456b-84e5-6e200dc99917}) (Version: 14.10.24728.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Moorfrosch XXL (HKLM-x32\...\{852DBAD9-ECAC-48FD-99D8-775CF9BFD42C}) (Version: - )
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 68.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 68.0.1 (x64 cs)) (Version: 68.0.1 - Mozilla)
Next Generation Visualisations (HKLM-x32\...\{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}) (Version: 1.0.0 - Microsoft)
Nexus (HKLM-x32\...\Winstep Xtreme_is1) (Version: - )
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.8 - Notepad++ Team)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Opera Stable 62.0.3331.116 (HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Opera 62.0.3331.116) (Version: 62.0.3331.116 - Opera Software)
Ovládací panel NVIDIA 419.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.35 - NVIDIA Corporation) Hidden
PDF-XChange 4 Pro (HKLM\...\{E38531EE-318C-4EFB-A36B-1A57BFBDAB3C}_is1) (Version: 4.200.200.0 - Tracker Software Products Ltd)
Print Passport Photo 1.2.0 (HKLM-x32\...\Print Passport Photo_is1) (Version: 1.2.0 - Marcello Pietrelli & Gianni Baini)
PS_AIO_04_C5300_Software_Min (HKLM-x32\...\{E10008DF-A422-43F1-A2F5-E3B8F5B0139D}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 4.1.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.1.0 - VS Revo Group, Ltd.)
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype verze 8.50 (HKLM-x32\...\Skype_is1) (Version: 8.50 - Skype Technologies S.A.)
SolSuite 2011 v11.1 (HKLM-x32\...\SolSuite_is1) (Version: - TreeCardGames)
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spintires MudRunner CZ Codex v.2018.05.21 (HKLM-x32\...\Spintires MudRunner CZ Codex v.2018.05.21) (Version: Codex v.2018.05.21 - Libbi)
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TomTom HOME (HKLM-x32\...\{C51F55EC-477D-4385-B951-BDEFA5DFC90B}) (Version: 2.11.6 - Název společnosti:)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
uRage Reaper nxt. version 1.0.3 (HKLM-x32\...\{2F606408-495F-4772-A3A7-BE0A31C4B261}_is1) (Version: 1.0.3 - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.52 - VSO Software)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Wondershare Filmora9(Build 9.1.0) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1809.2.84 - ZONER software)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-18] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-21] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ESD Shell Icon Overlay Identifier] -> {AF106685-9C86-48AF-8524-8F485C459E17} => C:\Program Files\ESET\ESET Secure Data\esdovrly.dll [2017-11-02] (DESlock Limited -> DESlock Limited)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-07-21] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-07-21] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-07-21] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\RevoUninPro\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-01-20 10:47 - 2019-07-18 17:14 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2019-01-20 10:47 - 2019-07-18 17:14 - 002901504 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2018-12-12 12:32 - 2018-12-12 12:32 - 000190784 _____ (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2019-01-20 10:47 - 2019-07-18 17:14 - 015257088 _____ (Node.js) [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\node.dll
2019-04-04 23:54 - 2019-03-01 05:13 - 017959552 _____ (Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\Nexus.exe
2019-04-04 23:54 - 2017-11-24 17:43 - 000026624 _____ (Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\WsxMMTimer.dll
2019-04-04 23:54 - 2018-06-06 14:04 - 000775680 _____ (Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\WsxService.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2019-04-04 09:41 - 000000984 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 cbs.wondershare.com
127.0.0.1 http://www.cbs.wondershare.com
127.0.0.1 platform.wondershare.com
127.0.0.1 http://www.wondershare.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4144462506-2486898719-981058799-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Karlíkxy\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Prompt)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "VICTORY Gaming Keyboard"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AE849AFE-84FD-4467-B29B-4FBFAFC1DB44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe () [File not signed]
FirewallRules: [{6CBCED1B-14F2-460D-A626-F14C319EDECA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe () [File not signed]
FirewallRules: [{72F6EFCC-54A5-4238-871C-FD5D8FA79F89}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D1C6C491-7B26-41E8-B550-5EAD7545F94F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E88A57CE-41C7-4F23-8812-AD227644DA9B}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{6FB32F5F-B2BE-4689-A1B8-D1B275064CA6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard)
FirewallRules: [{B060137E-6733-479F-8504-321B8AD3D833}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{B7F8B695-221D-4381-8D74-66B071639127}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{CE5B9646-F00F-45D8-9963-DBC6929EE062}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{B477C140-B135-4E27-AFFC-F4323A6093A7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{8B292744-2DAD-4661-92F2-09066939A79B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{E5B277B2-0316-489D-9CCA-3D9B9876674E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{4811A3ED-2B2D-45A1-B9BB-6E559B80D33F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{55956298-0CC4-42F9-A381-3A363AD7B3AB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{0F4D0B95-289E-4C7A-A59C-1D739F690F9D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{24F51C10-AA83-4F70-A059-063830C359C8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6FF1C4D7-3E08-4198-883D-A8A9C71E0D42}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{83645A7A-432E-433B-AD8C-280F6DDC22B7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EDE30928-5C09-48CF-88D9-47E0F7C3BCF9}] => (Allow) LPort=2869
FirewallRules: [{0F1A8D5D-FE51-4E92-ABBC-EF7544B74EC8}] => (Allow) LPort=1900
FirewallRules: [{98F31C6E-1DF3-4CB6-A489-2FC269F011EB}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [{7B4CAD1C-19B2-4142-A311-01552FB0F6B7}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [{60A9EC4B-304B-40DE-B906-94D2B3DA2C07}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe No File
FirewallRules: [{F1FFE5FB-F7C5-4662-83F6-DD8A1FFCA21F}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe No File
FirewallRules: [{C2616D4C-3EB1-45F8-B105-054D73BB85A7}] => (Allow) LPort=25555
FirewallRules: [{AF030326-15D3-4A13-9C16-E96F3507C4A0}] => (Allow) C:\Program Files\ESET\ESET Password Manager\pwm.exe (Lamantine Software a.s. -> ESET)
FirewallRules: [{F935528C-D008-436E-B687-B38761AD25E3}] => (Allow) C:\Program Files\ESET\ESET Password Manager\pwm.exe (Lamantine Software a.s. -> ESET)
FirewallRules: [{723BF365-56E5-4D73-A4F3-675F0B62185D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9884D73C-19C3-4A00-9126-DD5FE7C6F0CB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8CC510C8-D80E-48D1-A965-157C005FEDF3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C5A1CC65-5AB7-424C-B64B-81A30A910B3A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{21CE42CE-6F9E-4B91-B316-AEC4169932AD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{64DCB0CB-E45A-4780-B046-72F6B398E416}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{752C98D7-A728-488B-8973-33396BB923D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{16E6CAE4-7E58-4EE2-8E71-B186580B7D66}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{3A9568C2-645F-4B71-860C-4F6C734323F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{EAB9E92E-193D-4006-8313-A3053D6808E2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E0994109-D03B-46E5-AD18-F6980CB027A7}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C9E2F2B8-241B-4FB2-AD2F-7718857C9A07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{629EC1F4-F3DF-47F1-B7C5-12302790B81F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{DCC622DB-2D7C-418F-BCEC-A0C54FC8AFD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{9670AB7B-71EF-414C-B17B-39501636A1C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{B5779059-8A99-44A9-82A5-892F63658062}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{D17B8906-87FC-4276-B2E1-E3147EB0BF88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)

==================== Restore Points =========================

16-07-2019 17:34:37 Naplánovaný kontrolní bod
26-07-2019 22:00:04 Naplánovaný kontrolní bod
02-08-2019 23:45:23 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: Disketová jednotka
Description: Disketová jednotka
Class Guid: {4d36e980-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní disketové jednotky)
Service: flpydisk
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/09/2019 09:56:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x1548
Čas spuštění chybující aplikace: 0x01d54edc14631965
Cesta k chybující aplikaci: C:\Users\Karlíkxy\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 175af96b-f31e-4dea-a10e-f0b8ae2ae31c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/09/2019 03:40:28 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (08/07/2019 12:24:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: amtrucks.exe, verze: 1.35.1.26, časové razítko: 0x5d2869dc
Název chybujícího modulu: ntdll.dll, verze: 10.0.17763.592, časové razítko: 0x0f1b8afd
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000fb049
ID chybujícího procesu: 0x2b3c
Čas spuštění chybující aplikace: 0x01d54d09922f0d20
Cesta k chybující aplikaci: C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: c4f24375-bcea-40b1-9321-92e3f4cd0eb4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/07/2019 12:19:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program amtrucks.exe verze 1.35.1.26 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: a70

Čas spuštění: 01d54d096134d7c6

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe

ID hlášení: bc7d2796-dac4-472a-bfb3-6d9604ded5ec

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (07/24/2019 04:20:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: eurotrucks2.exe, verze: 1.35.1.17, časové razítko: 0x5d28dbeb
Název chybujícího modulu: d3d11.dll, verze: 10.0.17763.1, časové razítko: 0x13a31007
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000012c9d0
ID chybujícího procesu: 0x2338
Čas spuštění chybující aplikace: 0x01d54229ecff17a6
Cesta k chybující aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\d3d11.dll
ID zprávy: d89f24cd-28c1-43ac-bb5c-447c227968d9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/18/2019 09:53:26 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (07/18/2019 08:17:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: amtrucks.exe, verze: 1.35.1.26, časové razítko: 0x5d2869dc
Název chybujícího modulu: ntdll.dll, verze: 10.0.17763.592, časové razítko: 0x0f1b8afd
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000fb049
ID chybujícího procesu: 0x18b4
Čas spuštění chybující aplikace: 0x01d53d948b56075e
Cesta k chybující aplikaci: C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: a0cef50c-05f9-4721-9e54-987582816991
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/18/2019 07:38:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: amtrucks.exe, verze: 1.35.1.26, časové razítko: 0x5d2869dc
Název chybujícího modulu: ntdll.dll, verze: 10.0.17763.592, časové razítko: 0x0f1b8afd
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000fb049
ID chybujícího procesu: 0x222c
Čas spuštění chybující aplikace: 0x01d53d8f13aaa189
Cesta k chybující aplikaci: C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 43f239c0-0864-4d67-92c1-3d9b51cb166e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (08/09/2019 09:46:25 PM) (Source: DCOM) (EventID: 10016) (User: VELKEJPC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VELKEJPC\Karlíkxy (SID: S-1-5-21-4144462506-2486898719-981058799-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/09/2019 09:46:25 PM) (Source: DCOM) (EventID: 10016) (User: VELKEJPC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VELKEJPC\Karlíkxy (SID: S-1-5-21-4144462506-2486898719-981058799-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/09/2019 08:48:58 PM) (Source: DCOM) (EventID: 10016) (User: VELKEJPC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VELKEJPC\Karlíkxy (SID: S-1-5-21-4144462506-2486898719-981058799-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/09/2019 08:48:58 PM) (Source: DCOM) (EventID: 10016) (User: VELKEJPC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VELKEJPC\Karlíkxy (SID: S-1-5-21-4144462506-2486898719-981058799-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/09/2019 08:21:48 PM) (Source: DCOM) (EventID: 10016) (User: VELKEJPC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VELKEJPC\Karlíkxy (SID: S-1-5-21-4144462506-2486898719-981058799-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/09/2019 08:21:48 PM) (Source: DCOM) (EventID: 10016) (User: VELKEJPC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VELKEJPC\Karlíkxy (SID: S-1-5-21-4144462506-2486898719-981058799-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/09/2019 08:18:58 PM) (Source: DCOM) (EventID: 10016) (User: VELKEJPC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VELKEJPC\Karlíkxy (SID: S-1-5-21-4144462506-2486898719-981058799-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/09/2019 08:18:58 PM) (Source: DCOM) (EventID: 10016) (User: VELKEJPC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VELKEJPC\Karlíkxy (SID: S-1-5-21-4144462506-2486898719-981058799-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2019-02-09 12:53:06.886
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze podpisu: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

CodeIntegrity:
===================================

Date: 2019-02-09 12:53:53.914
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-09 12:53:53.909
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-09 12:53:53.899
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-09 12:53:53.882
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-09 12:53:53.838
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-09 12:53:53.771
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-09 12:53:53.707
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-09 12:53:53.692
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Award Software International, Inc. F8 10/18/2010
Motherboard: Gigabyte Technology Co., Ltd. GA-MA770T-UD3
Processor: AMD Phenom(tm) II X4 965 Processor
Percentage of memory in use: 34%
Total physical RAM: 16381.55 MB
Available physical RAM: 10799.53 MB
Total Virtual: 17405.55 MB
Available Virtual: 10165.42 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.56 GB) (Free:567.56 GB) NTFS
Drive d: (Místní disk) (Fixed) (Total:931.51 GB) (Free:677.59 GB) NTFS

\\?\Volume{61d92415-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{61d92415-0000-0000-0000-60c3e8000000}\ () (Fixed) (Total:0.46 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 61D92415)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=469 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2EFF3D7B)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: A preventive check, please

#3 Post by Conder »

Hi :)

Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu
  • The log will open; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data (documents, photos and so on) backed up.

Fixlists and other scripts are written for one specific PC only. Do not use them on other devices, otherwise you risk system damage or data loss.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

kodl74
Visitor
Posts: 178
Registered: 10 May 2007 17:14

Re: A preventive check, please

#4 Post by kodl74 »

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build: 07-23-2019
# Database: 2019-08-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 08-10-2019
# Duration: 00:00:12
# OS: Windows 10 Pro
# Scanned: 35457
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: A preventive check, please

#5 Post by Conder »

Both new FRST logs, please.

kodl74
Visitor
Posts: 178
Registered: 10 May 2007 17:14

Re: A preventive check, please

#6 Post by kodl74 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-08-2019
Ran by Karlíkxy (10-08-2019 21:45:23)
Running from C:\Users\Karlíkxy\Desktop\Nová složka
Windows 10 Pro Version 1809 17763.615 (X64) (2019-02-09 11:52:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4144462506-2486898719-981058799-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4144462506-2486898719-981058799-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-4144462506-2486898719-981058799-1000 - Limited - Disabled)
Guest (S-1-5-21-4144462506-2486898719-981058799-501 - Limited - Disabled)
Karlíkxy (S-1-5-21-4144462506-2486898719-981058799-1001 - Administrator - Enabled) => C:\Users\Karlíkxy
WDAGUtilityAccount (S-1-5-21-4144462506-2486898719-981058799-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Photoshop 2019 verze 20.00 (HKLM-x32\...\{9E1F210A-36E7-4881-AE00-B36393244797}_is1) (Version: 20.00 - MOJE SRO)
Ashampoo Burning Studio 20 (HKLM-x32\...\{91B33C97-155F-C10C-D4D6-CABA03805EE4}_is1) (Version: 20.0.2 - Ashampoo GmbH & Co. KG)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
C5300 (HKLM-x32\...\{095FC6D2-DF7E-40C1-B4AF-FFB3EC472BEB}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM-x32\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM-x32\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version: - ) Hidden
CPUID CPU-Z 1.86 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.86 - CPUID, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.01 - NVIDIA Corporation) Hidden
DjVuLibre+DjView (HKLM-x32\...\DjVuLibre+DjView) (Version: 3.5.22+4.5 - DjVuZone)
Dream Aquarium (HKLM-x32\...\{D2A56D72-6200-4F72-95B2-D74D70333B3C}_is1) (Version: - Alan Kapler, Spiralmonkey Software)
ESET Premium Line Encryption (HKLM\...\{2B31C297-1E0A-4082-B95B-E41B8822FF3D}) (Version: 1.0.14 - ESET) Hidden
ESET Security (HKLM\...\{0F462EFA-8AE8-4C2A-BC94-0AFFF17A8245}) (Version: 12.2.23.0 - ESET, spol. s r.o.)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Gaming Keyboard Driver (HKLM-x32\...\{B3CDED64-7DC2-429D-A325-BBC3CF793AA6}) (Version: 1.0 - Senbiz)
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.0.3.300 - Huawei Technologies Co.,Ltd)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart C5300 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{12440487-BEA5-48CF-A36C-C86F5D350999}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Mac Blu-ray Player (HKLM-x32\...\Mac Blu-ray Player) (Version: 2.17.4.3289 - Macgo Inc.)
Malwarebytes verze 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Metro 2033 Redux (HKLM-x32\...\1436434037_is1) (Version: 2.0.0.2 - GOG.com)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{0513c9cf-7191-45a7-ace9-ecdad03c93a4}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{10dc8dbf-d3d7-4e23-be07-120fe5c66b78}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2017 RC Redistributable (x64) - 14.10.24728 (HKLM-x32\...\{197f8e1a-7e93-4cb4-a4f9-19dc2c2c4ee2}) (Version: 14.10.24728.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 RC Redistributable (x86) - 14.10.24728 (HKLM-x32\...\{38602f72-a7f8-456b-84e5-6e200dc99917}) (Version: 14.10.24728.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Moorfrosch XXL (HKLM-x32\...\{852DBAD9-ECAC-48FD-99D8-775CF9BFD42C}) (Version: - )
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 68.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 68.0.1 (x64 cs)) (Version: 68.0.1 - Mozilla)
Next Generation Visualisations (HKLM-x32\...\{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}) (Version: 1.0.0 - Microsoft)
Nexus (HKLM-x32\...\Winstep Xtreme_is1) (Version: - )
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.8 - Notepad++ Team)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Opera Stable 62.0.3331.116 (HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Opera 62.0.3331.116) (Version: 62.0.3331.116 - Opera Software)
Ovládací panel NVIDIA 419.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.35 - NVIDIA Corporation) Hidden
PDF-XChange 4 Pro (HKLM\...\{E38531EE-318C-4EFB-A36B-1A57BFBDAB3C}_is1) (Version: 4.200.200.0 - Tracker Software Products Ltd)
Print Passport Photo 1.2.0 (HKLM-x32\...\Print Passport Photo_is1) (Version: 1.2.0 - Marcello Pietrelli & Gianni Baini)
PS_AIO_04_C5300_Software_Min (HKLM-x32\...\{E10008DF-A422-43F1-A2F5-E3B8F5B0139D}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 4.1.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.1.0 - VS Revo Group, Ltd.)
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype verze 8.50 (HKLM-x32\...\Skype_is1) (Version: 8.50 - Skype Technologies S.A.)
SolSuite 2011 v11.1 (HKLM-x32\...\SolSuite_is1) (Version: - TreeCardGames)
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spintires MudRunner CZ Codex v.2018.05.21 (HKLM-x32\...\Spintires MudRunner CZ Codex v.2018.05.21) (Version: Codex v.2018.05.21 - Libbi)
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TomTom HOME (HKLM-x32\...\{C51F55EC-477D-4385-B951-BDEFA5DFC90B}) (Version: 2.11.6 - Název společnosti:)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
uRage Reaper nxt. version 1.0.3 (HKLM-x32\...\{2F606408-495F-4772-A3A7-BE0A31C4B261}_is1) (Version: 1.0.3 - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.52 - VSO Software)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Wondershare Filmora9(Build 9.1.0) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1809.2.84 - ZONER software)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-18] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-21] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ESD Shell Icon Overlay Identifier] -> {AF106685-9C86-48AF-8524-8F485C459E17} => C:\Program Files\ESET\ESET Secure Data\esdovrly.dll [2017-11-02] (DESlock Limited -> DESlock Limited)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-07-21] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-07-21] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-07-21] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\RevoUninPro\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-01-20 10:47 - 2019-07-18 17:14 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2019-01-20 10:47 - 2019-07-18 17:14 - 002901504 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2018-12-12 12:32 - 2018-12-12 12:32 - 000190784 _____ (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2019-01-20 10:47 - 2019-07-18 17:14 - 015257088 _____ (Node.js) [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\node.dll
2018-11-02 19:15 - 2018-10-25 21:00 - 000414656 _____ (uTorrent.CZ -> BitTorrent, Inc.) [File not signed] C:\Users\Karlíkxy\AppData\Roaming\uTorrent\utorrent.exe
2019-04-04 23:54 - 2018-06-06 14:04 - 000775680 _____ (Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\WsxService.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2019-04-04 09:41 - 000000984 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 cbs.wondershare.com
127.0.0.1 www.cbs.wondershare.com
127.0.0.1 platform.wondershare.com
127.0.0.1 www.wondershare.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4144462506-2486898719-981058799-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Karlíkxy\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Prompt)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "VICTORY Gaming Keyboard"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AE849AFE-84FD-4467-B29B-4FBFAFC1DB44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe () [File not signed]
FirewallRules: [{6CBCED1B-14F2-460D-A626-F14C319EDECA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe () [File not signed]
FirewallRules: [{72F6EFCC-54A5-4238-871C-FD5D8FA79F89}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D1C6C491-7B26-41E8-B550-5EAD7545F94F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E88A57CE-41C7-4F23-8812-AD227644DA9B}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{6FB32F5F-B2BE-4689-A1B8-D1B275064CA6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard)
FirewallRules: [{B060137E-6733-479F-8504-321B8AD3D833}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{B7F8B695-221D-4381-8D74-66B071639127}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{CE5B9646-F00F-45D8-9963-DBC6929EE062}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{B477C140-B135-4E27-AFFC-F4323A6093A7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{8B292744-2DAD-4661-92F2-09066939A79B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{E5B277B2-0316-489D-9CCA-3D9B9876674E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{4811A3ED-2B2D-45A1-B9BB-6E559B80D33F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{55956298-0CC4-42F9-A381-3A363AD7B3AB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{0F4D0B95-289E-4C7A-A59C-1D739F690F9D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{24F51C10-AA83-4F70-A059-063830C359C8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6FF1C4D7-3E08-4198-883D-A8A9C71E0D42}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{83645A7A-432E-433B-AD8C-280F6DDC22B7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EDE30928-5C09-48CF-88D9-47E0F7C3BCF9}] => (Allow) LPort=2869
FirewallRules: [{0F1A8D5D-FE51-4E92-ABBC-EF7544B74EC8}] => (Allow) LPort=1900
FirewallRules: [{98F31C6E-1DF3-4CB6-A489-2FC269F011EB}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [{7B4CAD1C-19B2-4142-A311-01552FB0F6B7}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [{60A9EC4B-304B-40DE-B906-94D2B3DA2C07}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe No File
FirewallRules: [{F1FFE5FB-F7C5-4662-83F6-DD8A1FFCA21F}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe No File
FirewallRules: [{C2616D4C-3EB1-45F8-B105-054D73BB85A7}] => (Allow) LPort=25555
FirewallRules: [{AF030326-15D3-4A13-9C16-E96F3507C4A0}] => (Allow) C:\Program Files\ESET\ESET Password Manager\pwm.exe (Lamantine Software a.s. -> ESET)
FirewallRules: [{F935528C-D008-436E-B687-B38761AD25E3}] => (Allow) C:\Program Files\ESET\ESET Password Manager\pwm.exe (Lamantine Software a.s. -> ESET)
FirewallRules: [{723BF365-56E5-4D73-A4F3-675F0B62185D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9884D73C-19C3-4A00-9126-DD5FE7C6F0CB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8CC510C8-D80E-48D1-A965-157C005FEDF3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C5A1CC65-5AB7-424C-B64B-81A30A910B3A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{21CE42CE-6F9E-4B91-B316-AEC4169932AD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{64DCB0CB-E45A-4780-B046-72F6B398E416}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{752C98D7-A728-488B-8973-33396BB923D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{16E6CAE4-7E58-4EE2-8E71-B186580B7D66}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{3A9568C2-645F-4B71-860C-4F6C734323F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{EAB9E92E-193D-4006-8313-A3053D6808E2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E0994109-D03B-46E5-AD18-F6980CB027A7}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C9E2F2B8-241B-4FB2-AD2F-7718857C9A07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{629EC1F4-F3DF-47F1-B7C5-12302790B81F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{DCC622DB-2D7C-418F-BCEC-A0C54FC8AFD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{9670AB7B-71EF-414C-B17B-39501636A1C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{B5779059-8A99-44A9-82A5-892F63658062}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{D17B8906-87FC-4276-B2E1-E3147EB0BF88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)

==================== Restore Points =========================

16-07-2019 17:34:37 Naplánovaný kontrolní bod
26-07-2019 22:00:04 Naplánovaný kontrolní bod
02-08-2019 23:45:23 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: Disketová jednotka
Description: Disketová jednotka
Class Guid: {4d36e980-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní disketové jednotky)
Service: flpydisk
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/10/2019 07:57:47 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (08/10/2019 08:25:58 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (08/09/2019 10:54:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: malwarebytes_assistant.exe, verze: 3.1.0.1614, časové razítko: 0x5b9bcc2c
Název chybujícího modulu: malwarebytes_assistant.exe, verze: 3.1.0.1614, časové razítko: 0x5b9bcc2c
Kód výjimky: 0xc0000005
Posun chyby: 0x0000bad2
ID chybujícího procesu: 0x1038
Čas spuštění chybující aplikace: 0x01d54ef49b09149c
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe
ID zprávy: 0c93da67-6cd5-4cde-9e53-78be301b41ce
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/09/2019 09:56:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x1548
Čas spuštění chybující aplikace: 0x01d54edc14631965
Cesta k chybující aplikaci: C:\Users\Karlíkxy\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 175af96b-f31e-4dea-a10e-f0b8ae2ae31c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/09/2019 03:40:28 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (08/07/2019 12:24:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: amtrucks.exe, verze: 1.35.1.26, časové razítko: 0x5d2869dc
Název chybujícího modulu: ntdll.dll, verze: 10.0.17763.592, časové razítko: 0x0f1b8afd
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000fb049
ID chybujícího procesu: 0x2b3c
Čas spuštění chybující aplikace: 0x01d54d09922f0d20
Cesta k chybující aplikaci: C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: c4f24375-bcea-40b1-9321-92e3f4cd0eb4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/07/2019 12:19:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program amtrucks.exe verze 1.35.1.26 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: a70

Čas spuštění: 01d54d096134d7c6

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe

ID hlášení: bc7d2796-dac4-472a-bfb3-6d9604ded5ec

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (07/24/2019 04:20:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: eurotrucks2.exe, verze: 1.35.1.17, časové razítko: 0x5d28dbeb
Název chybujícího modulu: d3d11.dll, verze: 10.0.17763.1, časové razítko: 0x13a31007
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000012c9d0
ID chybujícího procesu: 0x2338
Čas spuštění chybující aplikace: 0x01d54229ecff17a6
Cesta k chybující aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\d3d11.dll
ID zprávy: d89f24cd-28c1-43ac-bb5c-447c227968d9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (08/10/2019 09:42:00 PM) (Source: DCOM) (EventID: 10016) (User: VELKEJPC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VELKEJPC\Karlíkxy (SID: S-1-5-21-4144462506-2486898719-981058799-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/10/2019 09:42:00 PM) (Source: DCOM) (EventID: 10016) (User: VELKEJPC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VELKEJPC\Karlíkxy (SID: S-1-5-21-4144462506-2486898719-981058799-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/10/2019 07:57:38 PM) (Source: DCOM) (EventID: 10016) (User: VELKEJPC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VELKEJPC\Karlíkxy (SID: S-1-5-21-4144462506-2486898719-981058799-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/10/2019 07:24:06 PM) (Source: DCOM) (EventID: 10016) (User: VELKEJPC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VELKEJPC\Karlíkxy (SID: S-1-5-21-4144462506-2486898719-981058799-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/10/2019 06:28:33 PM) (Source: DCOM) (EventID: 10016) (User: VELKEJPC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VELKEJPC\Karlíkxy (SID: S-1-5-21-4144462506-2486898719-981058799-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/10/2019 06:28:33 PM) (Source: DCOM) (EventID: 10016) (User: VELKEJPC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VELKEJPC\Karlíkxy (SID: S-1-5-21-4144462506-2486898719-981058799-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/10/2019 01:52:06 PM) (Source: DCOM) (EventID: 10016) (User: VELKEJPC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VELKEJPC\Karlíkxy (SID: S-1-5-21-4144462506-2486898719-981058799-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/10/2019 01:52:06 PM) (Source: DCOM) (EventID: 10016) (User: VELKEJPC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VELKEJPC\Karlíkxy (SID: S-1-5-21-4144462506-2486898719-981058799-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2019-02-09 12:53:06.886
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze podpisu: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

CodeIntegrity:
===================================

Date: 2019-02-09 12:53:53.914
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-09 12:53:53.909
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-09 12:53:53.899
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-09 12:53:53.882
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-09 12:53:53.838
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-09 12:53:53.771
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-09 12:53:53.707
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-09 12:53:53.692
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Award Software International, Inc. F8 10/18/2010
Motherboard: Gigabyte Technology Co., Ltd. GA-MA770T-UD3
Processor: AMD Phenom(tm) II X4 965 Processor
Percentage of memory in use: 32%
Total physical RAM: 16381.55 MB
Available physical RAM: 10981.03 MB
Total Virtual: 17405.55 MB
Available Virtual: 10101.42 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.56 GB) (Free:534.94 GB) NTFS
Drive d: (Místní disk) (Fixed) (Total:931.51 GB) (Free:677.59 GB) NTFS

\\?\Volume{61d92415-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{61d92415-0000-0000-0000-60c3e8000000}\ () (Fixed) (Total:0.46 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 61D92415)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=469 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2EFF3D7B)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

kodl74
Visitor
Posts: 178
Registered: 10 May 2007 17:14

Re: One preventive check, please

#7 Post by kodl74 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-08-2019
Ran by Karlíkxy (administrator) on VELKEJPC (Gigabyte Technology Co., Ltd. GA-MA770T-UD3) (10-08-2019 21:43:34)
Running from C:\Users\Karlíkxy\Desktop\Nová složka
Loaded Profiles: Karlíkxy (Available Profiles: Karlíkxy)
Platform: Windows 10 Pro Version 1809 17763.615 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(DESlock Limited -> DESlock Limited.) C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(uTorrent.CZ -> BitTorrent, Inc.) [File not signed] C:\Users\Karlíkxy\AppData\Roaming\uTorrent\utorrent.exe
(Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\WsxService.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [180448 2019-07-21] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-04-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [VICTORY Gaming Keyboard] => C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [270336 2013-11-11] () [File not signed]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Run: [EsetPasswordManager] => C:\Program Files\ESET\ESET Password Manager\pwm.exe [113648 2019-04-29] (Lamantine Software a.s. -> ESET)
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53646904 2019-07-18] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Run: [Nexus] => C:\Program Files (x86)\Winstep\Nexus.exe [17959552 2019-03-01] (Winstep Software Technologies) [File not signed]
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [604128 2018-11-01] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\MountPoints2: {6bc1cec3-3048-11e9-8543-1c6f658aab67} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\MountPoints2: {df940eb5-9c28-11e9-8564-1c6f658aab67} - "F:\Setup.exe"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\MountPoints2: {df940f8a-9c28-11e9-8564-1c6f658aab67} - "F:\Setup.exe"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\DREAMA~1.SCR [141312 2018-01-14] () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2017-05-15]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1362D4B2-119F-4D89-BB22-CFFC79D30111} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4519576 2019-08-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {1B4B14F6-0646-4409-A65F-239C12FAA5F5} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [746056 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {401A4F49-C2AE-4AA9-9038-55EA9D055483} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [114736 2019-08-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {5296E58E-6D54-4666-AA35-D66D2CC5D826} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27351864 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {5906DD94-AC24-4EDF-A907-A70E82417D89} - System32\Tasks\AdobeGCInvoker-1.0-VELKEJPC-Karlíkxy => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {62E336EF-2760-4806-8CF4-E8C8079F51B9} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1447064 2019-08-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {64183814-E2EF-41F9-BB4A-94E6912C34B0} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {80AB00B5-53D6-4FDE-AE49-D3469867C000} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27351864 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {8E0836A4-FE9A-40BD-9744-7F0706C5447C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1447064 2019-08-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {A110620B-FDDB-455B-B1E0-CC7047CFA86E} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [746056 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A5834D3B-067C-4770-92F5-B87AC00C36F0} - System32\Tasks\Opera scheduled Autoupdate 1557004838 => C:\Users\Karlíkxy\AppData\Local\Programs\Opera\launcher.exe [1348120 2019-08-07] (Opera Software AS -> Opera Software)
Task: {ADB774B2-A85A-40FD-B267-4D55D0FC7C49} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4519576 2019-08-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {B7D34523-3F35-42A6-81A0-2F5C5C9C8FBB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [114736 2019-08-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {CA4BBF4E-79AF-42CC-BF56-3AC51F1ADEE5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [660040 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D5691FF7-C0E9-4B7C-AC9C-79CBFA6C2DFF} - System32\Tasks\RogueKiller Anti-Malware => C:\Users\Karlíkxy\Desktop\RogueKiller_portable64.exe
Task: {E7E0A54E-FEAD-4B2E-9848-FD58754EDBE4} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [524360 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EE8BBE94-B545-4568-9BE0-39BF260A8A13} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {F0FE289A-9FD9-4D0B-ADEE-6D92C3908F8A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [660040 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{c6eac970-e2c8-4318-998b-1c9e3e635683}: [DhcpNameServer] 192.168.100.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-4144462506-2486898719-981058799-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-02] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: kmapm4jw.default
FF ProfilePath: C:\Users\Karlíkxy\AppData\Roaming\TomTom\HOME\Profiles\eq9k5pmv.default [2019-05-05]
FF Homepage: TomTom\HOME\Profiles\eq9k5pmv.default -> about:home
FF NewTab: TomTom\HOME\Profiles\eq9k5pmv.default -> about:newtab
FF Extension: (RenaultTheme) - C:\Users\Karlíkxy\AppData\Roaming\TomTom\HOME\Profiles\eq9k5pmv.default\Extensions\RenaultTheme@tomtom.com [2019-03-14] [Legacy] [not signed]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2019-03-23] [Legacy] [not signed]
FF ProfilePath: C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default [2019-08-10]
FF Homepage: Mozilla\Firefox\Profiles\kmapm4jw.default -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\kmapm4jw.default -> about:newtab
FF NewTabOverride: Mozilla\Firefox\Profiles\kmapm4jw.default -> Disabled: admin@fastaddons.com_GroupSpeedDial
FF NewTabOverride: Mozilla\Firefox\Profiles\kmapm4jw.default -> Disabled: pavel.sherbakov@gmail.com
FF NewTabOverride: Mozilla\Firefox\Profiles\kmapm4jw.default -> Disabled: quickdial@matmoul.com
FF NewTabOverride: Mozilla\Firefox\Profiles\kmapm4jw.default -> Disabled: {0a79bc58-665f-4534-a7ea-6d61d68194fb}
FF Extension: (AdGuard AdBlocker) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\adguardadblocker@adguard.com.xpi [2019-07-04]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2019-01-05]
FF Extension: (Google Translator for Firefox) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\translator@zoli.bod.xpi [2019-05-07]
FF Extension: (Blue Flower Vine by M♥Donna) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{04001c8a-6eff-4659-9196-0a552edd725a}.xpi [2019-05-11]
FF Extension: (tranquil blue) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{0d1802ae-eebf-4526-855b-1879b45e66cb}.xpi [2019-05-14]
FF Extension: (Fantasy of Lights - N.Lights Series 1) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{1a176495-2247-4217-b1fc-139fc11c4324}.xpi [2019-08-10]
FF Extension: (Ship in Lighthouse Reflection) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{2db9f8d0-ee99-4d57-a581-2722da1b573d}.xpi [2019-05-07]
FF Extension: (Dark Cubes) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{2dbb0302-0a64-4964-bb64-d157474dd324}.xpi [2019-05-14]
FF Extension: (Animated A Toon Town Christmas) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{328c92e1-1e11-4985-a74e-96aa60d8d243}.xpi [2019-05-14]
FF Extension: (Google Translate (In Page Translate)) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{3d09bd90-da37-41b5-a719-8da173e9870f}.xpi [2019-06-30]
FF Extension: (Deep Dark Blue Forest) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{5db58b6b-6fbc-4be3-b48d-e536ac711a10}.xpi [2019-05-14]
FF Extension: (Tv Firefox) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{6eafd633-df99-4fc0-a515-039ba8f8f253}.xpi [2019-05-14]
FF Extension: (FFX Developer) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{73574968-e44d-401e-8477-43882b7c9f22}.xpi [2019-05-14]
FF Extension: (Fox in the Clouds) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{aa842ed2-c0e8-4238-a894-c71e5bb2e97d}.xpi [2019-05-14]
FF Extension: (esafox) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{b526b65f-3165-4dcc-a534-3474d1de766b}.xpi [2019-05-14]
FF Extension: (FamousFox) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{bbf9b829-01fb-4406-8200-7622ed399df5}.xpi [2019-05-14]
FF Extension: (лиса) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{cdfd0c6c-8fc0-4565-ab49-fe3437600595}.xpi [2019-05-14]
FF Extension: (Grayfox) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{ceb971ca-37e6-4c49-ab6e-1d1a97a1eb8c}.xpi [2019-05-14]
FF Extension: (Winter Cabin Collage by M♥Donna) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{dba00d63-b5fe-4363-a4cf-e918ca9db46a}.xpi [2019-05-14]
FF Extension: (FirefoxClassicalBlue) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{dc4152a2-0127-4e36-aaf9-7a0ab4c46dc0}.xpi [2019-05-14]
FF Extension: (Dark Fox) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2019-05-14]
FF Extension: (Blue Flow) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{fb1fb250-2fd9-4f24-85ba-23dfcbf9f4e1}.xpi [2019-05-14]
FF Extension: (No Name) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [1999-12-31] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [1999-12-31] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-4144462506-2486898719-981058799-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [1999-12-31] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)

Opera:
=======
OPR DownloadDir: C:\Users\Karlíkxy\Desktop
OPR Extension: (Translator) - C:\Users\Karlíkxy\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2019-08-09]
OPR Extension: (uBlock Origin) - C:\Users\Karlíkxy\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2019-08-09]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11469920 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
R2 dlpsrv; C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe [542400 2017-11-02] (DESlock Limited -> DESlock Limited.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2428848 2019-07-21] (ESET, spol. s r.o. -> ESET)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5356848 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3831576 2019-06-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
R2 Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService.exe [775680 2018-06-06] (Winstep Software Technologies) [File not signed]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\WINDOWS\System32\drivers\amdide64.sys [13848 2019-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices Inc.)
R0 DLMFENC; C:\WINDOWS\System32\DRIVERS\DLMFENC.sys [174152 2018-02-27] (DESlock Limited -> DESlock Ltd.)
R0 DLPCRYPT; C:\WINDOWS\System32\DRIVERS\dlpcrypt.sys [121728 2017-11-02] (DESlock Limited -> DESlock Ltd.)
R0 dlpvdisk; C:\WINDOWS\System32\DRIVERS\dlpvdisk.sys [98296 2017-11-02] (DESlock Limited -> DESlock Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [49056 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149144 2019-07-21] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [102464 2019-07-21] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189232 2019-07-21] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50488 2019-07-21] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [76896 2019-07-21] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [113336 2019-07-21] (ESET, spol. s r.o. -> ESET)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 gdrv; C:\WINDOWS\gdrv.sys [26192 2019-04-27] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-04-11] (Martin Malik - REALiX -> REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a8e74171e1b8492\nvlddmkm.sys [20736208 2019-04-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1138136 2019-04-11] (Realtek Semiconductor Corp. -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [452008 2019-04-07] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R0 VDLPToken2; C:\WINDOWS\System32\DRIVERS\vdlptkn2.sys [135672 2017-11-02] (DESlock Limited -> DESlock Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [155632 2015-08-07] (Gionee Communication Equipment Co.Ltd.Shenzhen -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-05-07] (Zemana Ltd. -> Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-10 11:17 - 2019-08-10 11:19 - 2518733647 _____ C:\Users\Karlíkxy\Desktop\Ovečky a vlci Veliká bitva.mkv
2019-08-10 09:38 - 2019-08-10 09:41 - 000001480 _____ C:\Users\Karlíkxy\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2019-08-10 08:29 - 2019-08-10 08:30 - 000000000 ____D C:\AdwCleaner
2019-08-10 08:17 - 2019-08-10 09:36 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\Adobe
2019-08-09 21:58 - 2019-08-10 21:43 - 000000000 ____D C:\FRST
2019-08-09 21:57 - 2019-08-10 21:43 - 000000000 ____D C:\Users\Karlíkxy\Desktop\Nová složka
2019-08-09 18:45 - 2019-08-09 18:45 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\CEF
2019-08-02 23:18 - 2019-08-02 23:22 - 000000000 ____D C:\Users\Karlíkxy\Desktop\kniha
2019-08-02 21:31 - 2019-08-02 21:31 - 000002559 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-08-02 21:31 - 2019-08-02 21:31 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-08-02 21:31 - 2019-08-02 21:31 - 000002530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-08-02 21:31 - 2019-08-02 21:31 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-08-02 21:31 - 2019-08-02 21:31 - 000002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2019-08-02 21:31 - 2019-08-02 21:31 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-08-02 21:31 - 2019-08-02 21:31 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-08-02 21:31 - 2019-08-02 21:31 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-08-02 21:31 - 2019-08-02 21:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-08-02 21:30 - 2019-08-02 21:30 - 000212992 _____ C:\WINDOWS\system32\ClickToRun_Pipeline16

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-10 21:44 - 2018-05-07 12:29 - 000919499 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2019-08-10 21:43 - 2017-03-17 12:45 - 000000000 ____D C:\Users\Karlíkxy\AppData\LocalLow\Mozilla
2019-08-10 21:39 - 2018-10-13 20:01 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\uTorrent
2019-08-10 21:34 - 2018-03-10 00:48 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\vlc
2019-08-10 21:33 - 2019-02-09 13:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-08-10 19:53 - 2019-06-05 12:16 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\Dream Aquarium
2019-08-10 19:12 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-10 19:12 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-10 11:50 - 2017-03-17 15:10 - 000000000 ____D C:\Games
2019-08-10 08:12 - 2018-05-07 12:05 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\ConnectedDevicesPlatform
2019-08-09 23:19 - 2017-04-16 17:20 - 000000000 ____D C:\ProgramData\NVIDIA
2019-08-09 22:54 - 2017-12-10 11:59 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\CrashDumps
2019-08-09 19:25 - 2018-07-04 12:06 - 000000000 ____D C:\Users\Karlíkxy\Documents\American Truck Simulator
2019-08-09 19:11 - 2019-06-14 11:10 - 000000000 ____D C:\Users\Karlíkxy\Documents\Euro Truck Simulator 2
2019-08-09 19:11 - 2017-03-17 13:30 - 000000000 ____D C:\Program Files (x86)\Steam
2019-08-09 15:32 - 2018-03-27 17:15 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\Wargaming.net
2019-08-09 15:26 - 2018-05-19 21:17 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\D3DSCache
2019-08-09 15:17 - 2019-05-04 23:20 - 000004188 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1557004838
2019-08-09 15:17 - 2019-05-04 23:20 - 000001456 _____ C:\Users\Karlíkxy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-08-09 15:17 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-02 21:30 - 2018-07-13 18:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-07-30 18:58 - 2019-06-11 20:38 - 000000000 ____D C:\Users\Karlíkxy\Desktop\NIKON Foto
2019-07-24 14:45 - 2019-01-20 10:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-07-21 21:06 - 2019-02-09 13:48 - 001693636 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-21 21:06 - 2018-09-15 19:39 - 000716776 _____ C:\WINDOWS\system32\perfh005.dat
2019-07-21 21:06 - 2018-09-15 19:39 - 000144856 _____ C:\WINDOWS\system32\perfc005.dat
2019-07-21 21:06 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-07-21 20:59 - 2019-02-09 13:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-21 20:59 - 2017-03-17 12:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-07-21 20:58 - 2018-09-15 08:09 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2019-07-21 20:58 - 2017-10-18 17:36 - 000189232 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2019-07-21 20:58 - 2017-10-18 17:36 - 000149144 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2019-07-21 20:58 - 2017-10-18 17:36 - 000113336 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2019-07-21 20:58 - 2017-10-18 17:36 - 000102464 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2019-07-21 20:58 - 2017-10-18 17:36 - 000076896 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2019-07-21 20:58 - 2017-10-18 17:36 - 000050488 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2019-07-19 21:40 - 2017-03-20 21:23 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-07-13 23:56 - 2018-02-02 21:52 - 000000000 ___RD C:\Users\Karlíkxy\Desktop\Bordel z plochy
2019-07-13 10:32 - 2019-04-06 11:50 - 000000000 ____D C:\Users\Karlíkxy\Documents\Wondershare Filmora 9
2019-07-13 10:32 - 2019-04-06 11:50 - 000000000 ____D C:\ProgramData\Wondershare Filmora

==================== Files in the root of some directories ================

2018-02-10 22:18 - 2018-02-10 22:18 - 000099384 _____ () C:\Users\Karlíkxy\AppData\Roaming\inst.exe
2018-02-10 22:18 - 2018-02-10 22:18 - 000007859 _____ () C:\Users\Karlíkxy\AppData\Roaming\pcouffin.cat
2018-02-10 22:18 - 2018-02-10 22:18 - 000001167 _____ () C:\Users\Karlíkxy\AppData\Roaming\pcouffin.inf
2018-02-10 22:18 - 2018-02-10 22:18 - 000000055 _____ () C:\Users\Karlíkxy\AppData\Roaming\pcouffin.log
2018-02-10 22:18 - 2018-02-10 22:18 - 000082816 _____ (VSO Software) C:\Users\Karlíkxy\AppData\Roaming\pcouffin.sys
2019-03-28 19:04 - 2019-03-28 19:04 - 000000208 _____ () C:\Users\Karlíkxy\AppData\Roaming\VELKEJPC.MTBF.txt
2019-08-10 09:38 - 2019-08-10 09:41 - 000001480 _____ () C:\Users\Karlíkxy\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2019-03-28 19:05 - 2019-03-28 19:05 - 000003584 _____ () C:\Users\Karlíkxy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-26 15:40 - 2017-07-26 15:40 - 000000017 _____ () C:\Users\Karlíkxy\AppData\Local\resmon.resmoncfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Requesting a preventive check

#8 Post by Conder »

Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
    Folder: C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
    
    HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\MountPoints2: {6bc1cec3-3048-11e9-8543-1c6f658aab67} - "G:\HiSuiteDownLoader.exe" 
    HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\MountPoints2: {df940eb5-9c28-11e9-8564-1c6f658aab67} - "F:\Setup.exe" 
    HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\MountPoints2: {df940f8a-9c28-11e9-8564-1c6f658aab67} - "F:\Setup.exe" 
    Task: {64183814-E2EF-41F9-BB4A-94E6912C34B0} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: {D5691FF7-C0E9-4B7C-AC9C-79CBFA6C2DFF} - System32\Tasks\RogueKiller Anti-Malware => C:\Users\Karlíkxy\Desktop\RogueKiller_portable64.exe
    FF NewTabOverride: Mozilla\Firefox\Profiles\kmapm4jw.default -> Disabled: admin@fastaddons.com_GroupSpeedDial
    FF NewTabOverride: Mozilla\Firefox\Profiles\kmapm4jw.default -> Disabled: pavel.sherbakov@gmail.com
    FF NewTabOverride: Mozilla\Firefox\Profiles\kmapm4jw.default -> Disabled: quickdial@matmoul.com
    FF NewTabOverride: Mozilla\Firefox\Profiles\kmapm4jw.default -> Disabled: {0a79bc58-665f-4534-a7ea-6d61d68194fb}
    FF Extension: (No Name) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
    R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-05-07] (Zemana Ltd. -> Zemana Ltd.)
    C:\WINDOWS\System32\drivers\zamguard64.sys
    2019-08-10 21:44 - 2018-05-07 12:29 - 000919499 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
    ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
    ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
    ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
    ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
    ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} =>  -> No File
    ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
    ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
    ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
    ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
    ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} =>  -> No File
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop as fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, a Fixlog.txt file will be on the desktop; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos, and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices; doing so risks system damage or data loss.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

kodl74
Visitor
Posts: 178
Joined: 10 May 2007 17:14

Re: Requesting a preventive check

#9 Post by kodl74 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 10-08-2019
Ran by Karlíkxy (11-08-2019 20:08:00) Run:1
Running from C:\Users\Karlíkxy\Desktop
Loaded Profiles: Karlíkxy (Available Profiles: Karlíkxy)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Users\Karl�kxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder: C:\Users\Karl�kxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\MountPoints2: {6bc1cec3-3048-11e9-8543-1c6f658aab67} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\MountPoints2: {df940eb5-9c28-11e9-8564-1c6f658aab67} - "F:\Setup.exe"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\MountPoints2: {df940f8a-9c28-11e9-8564-1c6f658aab67} - "F:\Setup.exe"
Task: {64183814-E2EF-41F9-BB4A-94E6912C34B0} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D5691FF7-C0E9-4B7C-AC9C-79CBFA6C2DFF} - System32\Tasks\RogueKiller Anti-Malware => C:\Users\Karl�kxy\Desktop\RogueKiller_portable64.exe
FF NewTabOverride: Mozilla\Firefox\Profiles\kmapm4jw.default -> Disabled: admin@fastaddons.com_GroupSpeedDial
FF NewTabOverride: Mozilla\Firefox\Profiles\kmapm4jw.default -> Disabled: pavel.sherbakov@gmail.com
FF NewTabOverride: Mozilla\Firefox\Profiles\kmapm4jw.default -> Disabled: quickdial@matmoul.com
FF NewTabOverride: Mozilla\Firefox\Profiles\kmapm4jw.default -> Disabled: {0a79bc58-665f-4534-a7ea-6d61d68194fb}
FF Extension: (No Name) - C:\Users\Karl�kxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-05-07] (Zemana Ltd. -> Zemana Ltd.)
C:\WINDOWS\System32\drivers\zamguard64.sys
2019-08-10 21:44 - 2018-05-07 12:29 - 000919499 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 5555
Average :
Sum : 272406356208
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: C:\Users\Karl�kxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} ========================

"C:\Users\Karl�kxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}" => not found
====== End of File: ======


========================= Folder: C:\Users\Karl�kxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} ========================

not found.

====== End of Folder: ======

HKU\S-1-5-21-4144462506-2486898719-981058799-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6bc1cec3-3048-11e9-8543-1c6f658aab67} => removed successfully
HKLM\Software\Classes\CLSID\{6bc1cec3-3048-11e9-8543-1c6f658aab67} => not found
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{df940eb5-9c28-11e9-8564-1c6f658aab67} => removed successfully
HKLM\Software\Classes\CLSID\{df940eb5-9c28-11e9-8564-1c6f658aab67} => not found
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{df940f8a-9c28-11e9-8564-1c6f658aab67} => removed successfully
HKLM\Software\Classes\CLSID\{df940f8a-9c28-11e9-8564-1c6f658aab67} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{64183814-E2EF-41F9-BB4A-94E6912C34B0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64183814-E2EF-41F9-BB4A-94E6912C34B0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D5691FF7-C0E9-4B7C-AC9C-79CBFA6C2DFF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5691FF7-C0E9-4B7C-AC9C-79CBFA6C2DFF}" => removed successfully
C:\WINDOWS\System32\Tasks\RogueKiller Anti-Malware => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RogueKiller Anti-Malware" => removed successfully
"Firefox NewTabOverride (admin@fastaddons.com_GroupSpeedDial) " => removed successfully
"Firefox NewTabOverride (pavel.sherbakov@gmail.com) " => removed successfully
"Firefox NewTabOverride (quickdial@matmoul.com) " => removed successfully
"Firefox NewTabOverride ({0a79bc58-665f-4534-a7ea-6d61d68194fb}) " => removed successfully
"C:\Users\Karl�kxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}" => not found
ZAM_Guard => Unable to stop service.
HKLM\System\CurrentControlSet\Services\ZAM_Guard => removed successfully
ZAM_Guard => service removed successfully
C:\WINDOWS\System32\drivers\zamguard64.sys => moved successfully
C:\WINDOWS\ZAM_Guard.krnl.trace => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UnLockerMenu => removed successfully
HKLM\Software\Classes\CLSID\{410BF280-86EF-4E0F-8279-EC5848546AD3} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\UnLockerMenu => removed successfully
HKLM\Software\Classes\CLSID\{410BF280-86EF-4E0F-8279-EC5848546AD3} => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1664333220 B
Java, Flash, Steam htmlcache => 389746997 B
Windows/system/drivers => 1541529 B
Edge => 39424 B
Chrome => 0 B
Firefox => 1097933151 B
Opera => 439017052 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 16238 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Karlíkxy => 6204466 B

RecycleBin => 116814107 B
EmptyTemp: => 3.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:11:32 ====

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Requesting a preventive check

#10 Post by Conder »

:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    File: C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
    Folder: C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
    FF Extension: (No Name) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
    
    Hosts:
    EmptyTemp:
    End
  • Click File and then Save
  • At the bottom right, choose Unicode encoding
  • Save the file to the desktop as fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, a Fixlog.txt file will be on the desktop; copy its contents here

kodl74
Visitor
Posts: 178
Joined: 10 May 2007 17:14

Re: Requesting a preventive check

#11 Post by kodl74 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 10-08-2019
Ran by Karlíkxy (13-08-2019 12:58:12) Run:2
Running from C:\Users\Karlíkxy\Desktop
Loaded Profiles: Karlíkxy (Available Profiles: Karlíkxy)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

File: C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder: C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (No Name) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= File: C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} ========================

"C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}" => not found
====== End of File: ======


========================= Folder: C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} ========================

not found.

====== End of Folder: ======

C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} => path removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14846732 B
Java, Flash, Steam htmlcache => 12187212 B
Windows/system/drivers => 248265 B
Edge => 0 B
Chrome => 0 B
Firefox => 216526949 B
Opera => 17054852 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 904 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Karlíkxy => 328264 B

RecycleBin => 3376560 B
EmptyTemp: => 261.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:59:23 ====

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Requesting a preventive check

#12 Post by Conder »

:arrow: Did you configure anything through Group Policy?
GroupPolicy: Restriction ? <==== ATTENTION
:arrow: Otherwise it looks OK. Are there any problems with the PC?

kodl74
Visitor
Posts: 178
Joined: 10 May 2007 17:14

Re: Requesting a preventive check

#13 Post by kodl74 »

Yes, I set something up there a while ago. Otherwise the PC is stable and behaves as it should. Thank you for the check.

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Requesting a preventive check

#14 Post by Conder »

:arrow: So let's also clean up after the tools we used: