Dobrý den, prosím o kontrolu logu. Počítač se chová divně. Včera nefungoval skoro vůbec, pomohlo až obnovení bodu systému, který byl vytvořen někdy před 14 dny.
Děkuji
Helena
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-03-2017
Ran by Helenka (administrator) on DOMA (01-03-2017 14:42:10)
Running from C:\Users\Helenka\Desktop\ÚDRŽBA
Loaded Profiles: Helenka (Available Profiles: Helenka)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
() C:\Windows\SysWOW64\spdsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtPreLoad.exe [64640 2013-01-28] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169744 2015-09-12] (Apple Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [903384 2013-07-24] (Conexant Systems, Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2017-01-21] (AVAST Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] (Qualcomm Atheros Commnucations)
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd)
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-19] (Valve Corporation)
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {0c4bd6aa-b710-11e6-bea7-089e01400cec} - "E:\autorun.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {4651e03c-df23-11e6-bead-806e6f6e6963} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {59627320-ca0a-11e6-beab-089e01400cec} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {ba04a953-ed21-11e5-be69-806e6f6e6963} - "D:\Setup.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {cb6f8045-dfe3-11e6-beb1-089e01400cec} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {eff2e197-8fbc-11e6-be92-089e01400cec} - "F:\Setup.exe"
HKLM\...\Providers\Internet Print Provider: inetpp.dll
HKLM\...\Providers\LanMan Print Services: win32spl.dll
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-01-21] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2017-03-01]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk [2017-03-01]
Startup: C:\Users\Helenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk [2017-03-01]
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 185.97.254.158 api.facepunch.com
Tcpip\Parameters: [DhcpNameServer] 82.144.128.1 82.144.129.1
Tcpip\..\Interfaces\{6E729190-5055-4A76-BB8B-3DEFC60ADD76}: [DhcpNameServer] 82.144.128.1 82.144.129.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.cz/
SearchScopes: HKU\S-1-5-21-2520944081-2684202109-2728405321-1001 -> DefaultScope {4B7AB1A7-9E69-4413-BBB0-50F38FBC11F0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2520944081-2684202109-2728405321-1001 -> {4B7AB1A7-9E69-4413-BBB0-50F38FBC11F0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2520944081-2684202109-2728405321-1001 -> {BD63004A-89AC-488F-8A5A-D4311713A735} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-01] (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll [2013-01-28] (Qualcomm Atheros Commnucations)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-21] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: taoywzw4.default
FF ProfilePath: C:\Users\Helenka\AppData\Roaming\Mozilla\Firefox\Profiles\taoywzw4.default [2017-02-28]
FF Extension: (MEGA) - C:\Users\Helenka\AppData\Roaming\Mozilla\Firefox\Profiles\taoywzw4.default\Extensions\firefox@mega.co.nz.xpi [2017-01-21]
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-01] (Oracle Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-21] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2016-09-01] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2520944081-2684202109-2728405321-1001: @nsroblox.roblox.com/launcher -> C:\Users\Helenka\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2520944081-2684202109-2728405321-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\Helenka\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR Profile: C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-03-01] <==== ATTENTION
CHR Extension: (Dokumenty Google) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-16]
CHR Extension: (Chrome Media Router) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-16]
CHR Profile: C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default [2017-02-16]
CHR Extension: (Prezentace Google) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-28]
CHR Extension: (Dokumenty Google) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-28]
CHR Extension: (Disk Google) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-28]
CHR Extension: (YouTube) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-28]
CHR Extension: (Adblock Plus) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-01-21]
CHR Extension: (Kalendář Google) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-07]
CHR Extension: (Tabulky Google) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-20]
CHR Extension: (Gmail) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-03]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2017-01-21] (AVAST Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2449552 2012-10-25] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [227104 2016-07-21] (EasyAntiCheat Ltd)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-03] (NTI Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2016-03-18] (Dritek System INC.)
R2 Samsung Network Fax Server; C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxServer64.exe [801472 2015-03-10] (Samsung Electronics Co., Ltd.)
R2 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [499000 2016-07-17] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2016-03-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2016-03-22] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
S2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2017-01-21] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2017-01-21] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2017-01-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2017-01-21] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2017-01-21] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2017-01-21] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2017-01-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2017-01-21] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdW86.sys [91648 2012-08-21] (Advanced Micro Devices)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [311968 2016-04-07] ()
S3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-28] (Qualcomm Atheros)
R1 ccSet_NARA; C:\WINDOWS\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283200 2016-10-15] (DT Soft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18816 2016-11-25] (Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-10-16] (REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Huawei Technologies Co., Ltd.)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [43168 2016-04-07] ()
R3 Ps2Kb2Hid; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [26736 2016-03-18] (Dritek System Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2016-03-22] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2016-03-22] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2016-03-22] (Microsoft Corporation)
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-01 14:40 - 2017-03-01 14:40 - 01201152 _____ C:\Users\Helenka\Downloads\RSIT.exe
2017-03-01 14:40 - 2017-03-01 14:40 - 00000000 ____D C:\Program Files (x86)\trend micro
2017-03-01 14:39 - 2017-03-01 14:41 - 00000000 ____D C:\Program Files\trend micro
2017-03-01 14:39 - 2017-03-01 14:39 - 01324032 _____ C:\Users\Helenka\Downloads\RSITx64.exe
2017-03-01 14:39 - 2017-03-01 14:39 - 00000000 ____D C:\rsit
2017-03-01 14:36 - 2017-03-01 14:42 - 00000000 ____D C:\FRST
2017-03-01 14:32 - 2017-03-01 14:32 - 00001342 _____ C:\Users\Helenka\Desktop\Steam – zástupce.lnk
2017-02-28 21:20 - 2017-02-28 21:20 - 04015056 _____ C:\Users\Helenka\Downloads\adwcleaner_6.043.exe
2017-02-28 19:56 - 2017-01-21 17:38 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-02-28 19:50 - 2017-02-28 19:50 - 00000000 ____D C:\Program Files\d6xr5dra
2017-02-28 19:07 - 2017-02-28 19:07 - 00000000 ____D C:\Program Files (x86)\Roblox
2017-02-28 15:12 - 2017-02-28 15:12 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignc09dc6f9b54e61be
2017-02-28 15:12 - 2017-02-28 15:12 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign52d941e8a60fe453
2017-02-28 15:12 - 2017-02-28 15:12 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign217c8aa3415ed6db
2017-02-28 15:11 - 2017-02-28 15:11 - 00162250 _____ C:\Users\Helenka\Downloads\Logo 4_5.psd
2017-02-28 15:07 - 2017-02-28 15:07 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignc916e49dff10a768
2017-02-28 15:06 - 2017-02-28 15:06 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign78991dca011c406e
2017-02-28 15:04 - 2017-02-28 15:04 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign35543eccefd88b80
2017-02-28 15:03 - 2017-02-28 15:03 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsigndeadfe53c82375c5
2017-02-28 15:02 - 2017-02-28 15:02 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignba2f8e3179cf541d
2017-02-28 15:02 - 2017-02-28 15:02 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign9fac53ad27915299
2017-02-21 08:58 - 2017-02-23 16:41 - 00002368 _____ C:\Program Files (x86)\metadata
2017-02-20 19:37 - 2017-02-20 19:37 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\Firefox
2017-02-20 19:37 - 2017-02-20 19:37 - 00000000 ____D C:\Users\Helenka\AppData\Local\Firefox
2017-02-18 13:02 - 2017-02-18 13:02 - 00000000 ____D C:\Users\Helenka\AppData\LocalLow\Smartly Dressed Games
2017-02-17 15:16 - 2017-02-17 15:16 - 11427754 _____ C:\Users\Helenka\Downloads\SA_Euro_1.01_COLD (1).zip
2017-02-17 15:11 - 2017-02-17 15:12 - 11427754 _____ C:\Users\Helenka\Downloads\SA_Euro_1.01_COLD.zip
2017-02-17 15:10 - 2017-02-17 15:10 - 00000000 ____D C:\Users\Helenka\Downloads\SA_Euro_1[1].01_COLD
2017-02-17 15:07 - 2017-02-17 15:07 - 11429090 _____ C:\Users\Helenka\Downloads\SA_Euro_1[1].01_COLD.zip
2017-02-17 15:06 - 2017-02-28 19:45 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\GetRightToGo
2017-02-17 12:50 - 2017-02-28 20:54 - 00000000 ____D C:\Program Files (x86)\d6xr5dra
2017-02-16 19:03 - 2017-02-16 19:03 - 01191753 _____ C:\Users\Helenka\Downloads\gtasa120cz.zip
2017-02-16 19:03 - 2017-02-16 19:03 - 01191753 _____ C:\Users\Helenka\Downloads\gtasa120cz (1).zip
2017-02-16 18:13 - 2017-02-17 14:34 - 00000000 ____D C:\Users\Helenka\Documents\GTA San Andreas User Files
2017-02-16 17:42 - 2017-02-16 17:42 - 00000000 ____D C:\Users\Helenka\Documents\GTA Vice City User Files
2017-02-16 17:37 - 2017-02-16 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2017-02-16 16:01 - 2017-02-16 16:29 - 501886548 _____ C:\Users\Helenka\Downloads\Nepotvrzeno 213209.crdownload
2017-02-16 16:01 - 2017-02-16 16:01 - 00997949 _____ C:\Users\Helenka\Downloads\Odin3-v3.11.1.zip
2017-02-16 15:21 - 2017-02-16 15:21 - 00000000 ____D C:\Users\Helenka\Downloads\This-War-of-Mine-(OBB)_1.4.0-Android-1.com
2017-02-16 15:19 - 2017-02-16 15:21 - 479843375 _____ C:\Users\Helenka\Downloads\This-War-of-Mine-(OBB)_1.4.0-Android-1.com.zip
2017-02-16 15:18 - 2017-02-16 15:19 - 08639390 _____ C:\Users\Helenka\Downloads\This-War-of-Mine-(MOD)_1.4.0-Android-1.com.apk
2017-02-16 15:01 - 2017-02-16 15:03 - 426279395 _____ C:\Users\Helenka\Downloads\main.153.com.elevenbitstudios.twommobile.obb
2017-02-16 15:01 - 2017-02-16 15:01 - 12457066 _____ C:\Users\Helenka\Downloads\This_War_of_Mine_v1.1.0.apk
2017-02-16 14:54 - 2017-02-16 14:59 - 00000000 ____D C:\Users\Helenka\AppData\Local\Fagertain
2017-02-16 14:54 - 2017-02-16 14:54 - 02400960 _____ (BitTorrent Inc.) C:\Users\Helenka\Downloads\Reimage Pc Repair 2017 Crack License Key Full Do
2017-02-16 14:52 - 2017-02-16 14:52 - 01769472 _____ C:\Users\Helenka\Downloads\Reimage_Pc_Repair_2017_Crack_License_Key_Full_Do.iso
2017-02-16 14:44 - 2017-02-16 14:44 - 00000000 ____D C:\Program Files\Common Files\Atheros
2017-02-16 14:41 - 2017-02-16 14:42 - 62008080 _____ (Microsoft Corporation) C:\Users\Helenka\Downloads\NDP462-KB3151800-x86-x64-AllOS-ENU.exe
2017-02-16 14:40 - 2015-01-06 04:01 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2017-02-16 14:40 - 2015-01-06 03:59 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2017-02-16 14:40 - 2015-01-06 02:12 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2017-02-16 14:40 - 2015-01-06 02:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2017-02-16 14:39 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2017-02-16 14:39 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2017-02-16 14:39 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2017-02-16 14:39 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2017-02-16 14:39 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2017-02-16 14:39 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2017-02-16 14:39 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2017-02-16 14:39 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2017-02-16 14:39 - 2015-06-09 23:39 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2017-02-16 14:39 - 2015-06-09 23:39 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2017-02-16 14:39 - 2015-06-09 23:38 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-02-16 14:17 - 2017-02-16 14:17 - 00000000 ____D C:\Users\Helenka\Downloads\THIS WAR OF MINE MULTI11-TINYISO
2017-02-16 14:16 - 2017-02-16 14:16 - 1047527424 _____ C:\Users\Helenka\Downloads\THIS WAR OF MINE MULTI11-TINYISO.part1.rar
2017-02-16 14:14 - 2017-02-16 14:14 - 445594172 _____ C:\Users\Helenka\Downloads\THIS WAR OF MINE MULTI11-TINYISO.part2.rar
2017-02-16 13:51 - 2017-02-16 13:55 - 00000000 ____D C:\Users\Helenka\Downloads\This.War.of.Mine.2.2.0.6-GOG
2017-02-14 18:33 - 2017-02-14 18:33 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign2296590078b5e7ae
2017-02-14 18:32 - 2017-02-14 18:32 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignedd47d57ec5bd248
2017-02-14 18:32 - 2017-02-14 18:32 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign888540c9561f0931
2017-02-14 18:32 - 2017-02-14 18:32 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign5667d3375895e8e3
2017-02-14 18:30 - 2017-02-14 18:30 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign301175d1a80dcbea
2017-02-14 18:27 - 2017-02-14 18:27 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign427b32ca5a614424
2017-02-14 18:25 - 2017-02-14 18:25 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign9c0f021eb6fbaa61
2017-02-14 18:24 - 2017-02-14 18:24 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignf614c0408a71828c
2017-02-14 18:24 - 2017-02-14 18:24 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign0b27521e5b84870d
2017-02-14 18:22 - 2017-02-14 18:22 - 00000000 ____D C:\Users\Helenka\Documents\Moje palety
2017-02-14 18:18 - 2017-02-14 18:38 - 00000000 ____D C:\Users\Helenka\Documents\Corel
2017-02-14 18:16 - 2017-02-14 18:18 - 00000000 ____D C:\ProgramData\Protexis64
2017-02-14 18:16 - 2017-02-14 18:17 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\Corel
2017-02-14 18:13 - 2017-02-14 18:13 - 00000000 ____D C:\Program Files\Common Files\Protexis
2017-02-14 18:13 - 2017-02-14 18:13 - 00000000 ____D C:\Program Files\Common Files\Corel
2017-02-14 18:12 - 2017-02-14 18:12 - 00000000 ____D C:\Users\Public\Documents\Corel
2017-02-14 18:11 - 2017-02-14 18:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)
2017-02-14 18:10 - 2017-02-14 18:22 - 00000000 ____D C:\ProgramData\Corel
2017-02-14 18:10 - 2017-02-14 18:10 - 00000000 ____D C:\Program Files\Corel
2017-02-14 18:09 - 2017-02-14 18:16 - 00000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X7 x64
2017-02-13 19:11 - 2017-02-13 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-02-09 15:38 - 2017-02-09 15:38 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign159db5a12a1b4458
2017-02-09 15:34 - 2017-02-09 15:34 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign2e0d1f449035f999
2017-02-09 15:33 - 2017-02-09 15:33 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsigne4353cd72dab39c1
2017-02-09 15:33 - 2017-02-09 15:33 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign416b0962cd957a3c
2017-02-09 15:17 - 2017-02-09 15:17 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign45af800af66706ec
2017-02-09 15:10 - 2017-02-09 15:10 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignb6843e5215a60fce
2017-02-09 15:10 - 2017-02-09 15:10 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsigna0f9ada621f7a0da
2017-02-09 15:10 - 2017-02-09 15:10 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign1b69d86ae2371a9d
2017-02-09 14:26 - 2017-02-09 14:26 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignf5d201c99aadad2b
2017-02-09 14:26 - 2017-02-09 14:26 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign861a54750adccc38
2017-02-09 14:25 - 2017-02-09 14:25 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign3d1fee0e62ac8541
2017-02-09 14:25 - 2017-02-09 14:25 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign284b588a449ceb0d
2017-02-05 11:08 - 2017-02-05 11:08 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\.mono
2017-02-05 11:08 - 2017-02-05 11:08 - 00000000 ____D C:\Users\Helenka\AppData\Local\Colossal Order
2017-02-05 11:08 - 2017-02-05 11:08 - 00000000 ____D C:\ProgramData\.mono
2017-02-05 11:05 - 2017-02-05 11:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cities Skylines
2017-02-05 10:42 - 2017-02-05 11:09 - 00000000 ____D C:\Program Files (x86)\Cities Skylines
2017-02-05 10:37 - 2017-02-05 10:37 - 00000000 ____D C:\Users\Helenka\Downloads\Cities Skylines (CZ.MULTi8) [Repack] by 'Teag
2017-02-05 10:36 - 2017-02-05 10:36 - 00020273 _____ C:\Users\Helenka\Downloads\[CzT]Cities_Skylines_2015_CZ_.torrent
2017-02-04 11:49 - 2017-02-05 10:49 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\VMware
2017-02-04 11:48 - 2017-02-04 11:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Andy
2017-02-04 11:44 - 2016-11-11 23:16 - 00052288 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmkbd.sys
2017-02-04 11:43 - 2017-02-04 11:43 - 01772950 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-02-04 11:34 - 2017-02-05 10:55 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\Andy
2017-02-04 11:34 - 2017-02-04 11:34 - 00000000 ____D C:\Users\Helenka\Andy
2017-02-04 11:34 - 2017-02-04 11:34 - 00000000 ____D C:\Users\Helenk\Andy
2017-02-04 11:34 - 2017-02-04 11:34 - 00000000 ____D C:\Users\Helenk
2017-02-04 11:28 - 2017-02-04 11:28 - 00000000 ____D C:\Users\Helenka\Downloads\turbo_dismount
2017-02-04 11:27 - 2017-02-04 11:27 - 23590896 _____ C:\Users\Helenka\Downloads\turbo_dismount.zip
2017-02-04 11:24 - 2017-02-04 11:24 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign37a12e80b9d0a5ba
2017-02-04 11:18 - 2017-02-04 11:18 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsigna10886a37f4fe292
2017-02-04 11:18 - 2017-02-04 11:18 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign8e548af1ed29e347
2017-02-04 11:17 - 2017-02-04 11:17 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignf9a924637a0b91c6
2017-02-04 11:11 - 2017-02-04 11:11 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign53157a1cb68ca8ed
2017-02-04 11:10 - 2017-02-04 11:10 - 00020043 _____ C:\Users\Helenka\Downloads\badaboom_bb.zip
2017-02-04 11:06 - 2017-02-04 11:06 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsigneaf45255bdf0fc16
2017-02-04 11:05 - 2017-02-04 11:05 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign9416758e973fe8f0
2017-02-04 11:05 - 2017-02-04 11:05 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign7ab85f2896d733c4
2017-02-03 13:34 - 2017-02-03 14:13 - 122252416 _____ C:\Users\Helenka\Downloads\Gardenscapes_v1.2.6_Mod__6883_Revdl.com.apk
2017-02-03 12:39 - 2017-02-03 12:39 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign99857d28011ee141
2017-02-03 12:38 - 2017-02-03 12:38 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignfc43a01f914379ab
2017-02-03 12:38 - 2017-02-03 12:38 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignb19a9667328a68e7
2017-02-03 12:38 - 2017-02-03 12:38 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign5a94667f9465603c
2017-02-03 12:38 - 2017-02-03 12:38 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign2eb10529867085d2
2017-02-01 18:13 - 2017-02-01 18:13 - 00000000 ____D C:\Users\Helenka\Documents\ROBLOX
2017-02-01 16:53 - 2017-02-01 16:54 - 00000000 ____D C:\Program Files\Android
2017-02-01 16:53 - 2017-02-01 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools
2017-02-01 16:53 - 2017-02-01 16:52 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2017-02-01 16:51 - 2017-02-01 16:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2017-02-01 16:50 - 2017-02-01 16:52 - 00000000 ____D C:\Program Files\Java
2017-01-31 17:32 - 2017-02-16 15:25 - 00000000 ____D C:\Users\Helenka\.android
2017-01-31 17:30 - 2017-01-31 17:30 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\ADBDriverInstaller
2017-01-31 17:29 - 2017-01-31 17:29 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Android SDK Tools
2017-01-31 17:28 - 2017-01-31 17:33 - 00000000 ____D C:\Android
2017-01-31 17:15 - 2017-01-31 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio
2017-01-31 17:07 - 2017-01-31 17:22 - 00000000 ____D C:\Users\Helenka\AppData\Local\Android
2017-01-31 16:57 - 2017-01-31 16:57 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2017-01-31 16:51 - 2017-01-31 16:51 - 00000000 ____D C:\Program Files\SAMSUNG
2017-01-31 16:50 - 2017-01-31 16:50 - 00000185 _____ C:\Users\Helenka\AppData\Local\uts.ini
2017-01-31 16:50 - 2017-01-31 16:50 - 00000000 ____D C:\Users\Helenka\AppData\Local\uts
2017-01-31 16:49 - 2017-02-16 17:37 - 00000000 ____D C:\Program Files (x86)\Kingo ROOT
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-01 14:38 - 2017-01-21 10:46 - 00000000 ____D C:\Program Files (x86)\Steam
2017-03-01 14:36 - 2016-04-01 13:58 - 00000000 ____D C:\Users\Helenka\Desktop\ÚDRŽBA
2017-03-01 14:32 - 2016-03-23 14:20 - 00003962 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2913751E-8255-4176-B63F-A7232F23BCFB}
2017-03-01 14:29 - 2016-10-18 16:03 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2520944081-2684202109-2728405321-1001
2017-03-01 14:28 - 2017-01-14 17:22 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-03-01 14:22 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-01 14:21 - 2016-03-19 14:53 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-03-01 14:17 - 2016-03-19 14:53 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-03-01 14:13 - 2017-01-21 17:49 - 00001139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-03-01 14:13 - 2016-12-17 15:36 - 00001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2017.lnk
2017-03-01 14:13 - 2016-11-29 18:34 - 00001501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frontier Launchpad.lnk
2017-03-01 14:13 - 2016-10-28 10:05 - 00002179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-01 14:13 - 2016-04-15 11:00 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-03-01 14:13 - 2016-03-23 14:07 - 00001430 _____ C:\Users\Helenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-03-01 14:13 - 2016-03-22 23:19 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-03-01 14:13 - 2016-03-22 23:13 - 00000469 _____ C:\Users\Helenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2017-03-01 14:13 - 2016-03-22 23:13 - 00000467 _____ C:\Users\Helenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2017-03-01 14:13 - 2016-03-19 12:38 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-03-01 14:13 - 2016-03-18 17:53 - 00002133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Norton Online Backup.lnk
2017-03-01 14:13 - 2016-03-18 17:50 - 00001984 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2017-03-01 14:13 - 2013-03-12 17:30 - 00002636 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk
2017-02-28 21:24 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2017-02-28 21:23 - 2016-12-13 16:44 - 00000000 ____D C:\AdwCleaner
2017-02-28 21:19 - 2016-03-24 09:44 - 00000000 ____D C:\Users\Helenka\Documents\UCE
2017-02-28 21:18 - 2016-03-24 09:41 - 00000000 ____D C:\Users\Helenka\AppData\Local\Deployment
2017-02-28 21:12 - 2016-12-25 15:29 - 00000000 ____D C:\Users\Helenka\Desktop\HRY
2017-02-28 21:12 - 2016-10-29 09:01 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2017-02-28 21:05 - 2016-11-02 15:02 - 00000000 ____D C:\Program Files (x86)\Prison Architect
2017-02-28 19:58 - 2017-01-21 17:39 - 00003922 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2017-02-28 19:57 - 2016-10-26 17:46 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-28 19:50 - 2016-03-22 23:13 - 00000000 ____D C:\Users\Helenka
2017-02-28 19:48 - 2013-08-22 15:44 - 05119360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-28 19:46 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2017-02-28 19:45 - 2017-01-21 17:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-02-28 19:45 - 2017-01-21 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid
2017-02-28 19:45 - 2017-01-21 10:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-02-28 19:45 - 2016-09-05 07:18 - 00000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller
2017-02-28 19:45 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-28 19:45 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-02-28 19:45 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2017-02-28 19:42 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-28 19:34 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\registration
2017-02-28 19:32 - 2017-01-14 17:22 - 00000000 ____D C:\Users\Helenka\AppData\Local\Roblox
2017-02-28 19:14 - 2017-01-21 14:42 - 00000000 ____D C:\Users\Helenka\AppData\Local\CrashDumps
2017-02-27 13:26 - 2016-03-19 17:25 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\.minecraft
2017-02-22 11:40 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-21 09:57 - 2017-01-21 17:50 - 00000000 ____D C:\Users\Helenka\AppData\LocalLow\Mozilla
2017-02-16 17:37 - 2013-03-12 18:01 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-16 17:36 - 2016-10-30 10:39 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2017-02-16 14:48 - 2014-11-21 05:53 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-16 14:48 - 2014-11-21 05:10 - 00739924 _____ C:\WINDOWS\system32\perfh005.dat
2017-02-16 14:48 - 2014-11-21 05:10 - 00151610 _____ C:\WINDOWS\system32\perfc005.dat
2017-02-16 14:25 - 2016-10-29 09:01 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\uTorrent
2017-02-16 14:17 - 2016-10-15 16:19 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\DAEMON Tools Pro
2017-02-14 18:15 - 2016-03-23 14:12 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-14 18:15 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-01 16:52 - 2016-10-27 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-01-31 16:51 - 2016-09-05 07:18 - 00000000 ____D C:\ProgramData\Samsung
2017-01-31 15:09 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
==================== Files in the root of some directories =======
2017-02-21 08:58 - 2017-02-23 16:41 - 0002368 _____ () C:\Program Files (x86)\metadata
2016-11-14 20:23 - 2016-11-14 20:23 - 0000014 _____ () C:\Users\Helenka\AppData\Roaming\dmcusername.file
2016-03-29 19:55 - 2016-03-29 19:55 - 0050304 _____ () C:\Users\Helenka\AppData\Roaming\gtk20.mo.id_c05a2ddbccba96cf_email_zeta@dr.com.scl
2016-11-14 20:17 - 2016-11-14 20:17 - 0000000 _____ () C:\Users\Helenka\AppData\Roaming\pof.exact
2016-03-27 21:25 - 2016-03-27 21:25 - 0001960 _____ () C:\Users\Helenka\AppData\Roaming\SeleniumCisternaFronton
2014-10-07 05:39 - 2014-10-07 05:39 - 0011264 _____ () C:\Users\Helenka\AppData\Roaming\System.dll
2016-05-04 16:12 - 2016-05-04 16:12 - 0000003 _____ () C:\Users\Helenka\AppData\Local\updater.log
2016-05-04 16:12 - 2016-08-06 20:36 - 0000424 _____ () C:\Users\Helenka\AppData\Local\UserProducts.xml
2017-01-31 16:50 - 2017-01-31 16:50 - 0000185 _____ () C:\Users\Helenka\AppData\Local\uts.ini
2016-03-18 17:18 - 2016-03-18 17:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
2017-01-21 12:21 - 2017-01-21 12:21 - 0321024 _____ () C:\Users\Helenka\AppData\Local\Temp\2ce83b48-6995-4a17-8074-68fc477a651e_x86.exe
2017-01-21 12:10 - 2017-01-21 12:10 - 0739904 _____ (Oracle Corporation) C:\Users\Helenka\AppData\Local\Temp\jre-8u121-windows-au.exe
2016-10-19 16:11 - 2016-10-19 16:11 - 2458672 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\Helenka\AppData\Local\Temp\libeay32.dll
2016-10-19 16:11 - 2016-10-19 16:11 - 0970912 _____ (Microsoft Corporation) C:\Users\Helenka\AppData\Local\Temp\msvcr120.dll
2017-02-05 10:49 - 2017-02-02 16:56 - 1342792 _____ (Andy OS, inc.) C:\Users\Helenka\AppData\Local\Temp\RemoveTemp.exe
2017-02-04 11:37 - 2017-02-04 11:37 - 1214528 _____ (Andy OS, inc.) C:\Users\Helenka\AppData\Local\Temp\SetAPK.exe
2016-10-19 16:11 - 2016-10-19 16:11 - 0772672 _____ () C:\Users\Helenka\AppData\Local\Temp\sqlite3.dll
2017-01-21 12:13 - 2017-01-21 14:35 - 0663658 _____ () C:\Users\Helenka\AppData\Local\Temp\Uninstall.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
ATTENTION: ==> Could not access BCD.
LastRegBack: 2017-02-25 17:25
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Počítač se chová divně :-)
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Počítač se chová divně :-)
- Přílohy
-
- Addition.zip
- (14.12 KiB) Staženo 114 x
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Počítač se chová divně :-)
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Počítač se chová divně :-)
# AdwCleaner v6.044 - Log vytvořen 01/03/2017 v 20:24:02
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-02-28.2 [Server]
# Operační systém : Windows 8.1 (X64)
# Uživatelské jméno : Helenka - DOMA
# Spuštěno z : C:\Users\Helenka\Downloads\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
***** [ Prohlížeče ] *****
[-] [C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Web data] [Search Provider] Smazáno: startpageing123
[-] [C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [favicon_url] Smazáno: hxxp://www.startpageing123.com/searchfavicon.ico
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1076 Bajty] - [01/03/2017 20:24:02]
C:\AdwCleaner\AdwCleaner[S0].txt - [1600 Bajty] - [01/03/2017 20:23:44]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1222 Bajty] ##########
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-02-28.2 [Server]
# Operační systém : Windows 8.1 (X64)
# Uživatelské jméno : Helenka - DOMA
# Spuštěno z : C:\Users\Helenka\Downloads\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
***** [ Prohlížeče ] *****
[-] [C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Web data] [Search Provider] Smazáno: startpageing123
[-] [C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [favicon_url] Smazáno: hxxp://www.startpageing123.com/searchfavicon.ico
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1076 Bajty] - [01/03/2017 20:24:02]
C:\AdwCleaner\AdwCleaner[S0].txt - [1600 Bajty] - [01/03/2017 20:23:44]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1222 Bajty] ##########
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Počítač se chová divně :-)
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Počítač se chová divně :-)
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-03-2017
Ran by Helenka (03-03-2017 10:03:09)
Running from C:\Users\Helenka\Desktop\ÚDRŽBA
Windows 8.1 (Update) (X64) (2016-03-23 13:02:34)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2520944081-2684202109-2728405321-500 - Administrator - Disabled)
Guest (S-1-5-21-2520944081-2684202109-2728405321-501 - Limited - Disabled)
Helenka (S-1-5-21-2520944081-2684202109-2728405321-1001 - Administrator - Enabled) => C:\Users\Helenka
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
7-Zip 15.13 (x64) (HKLM\...\7-Zip) (Version: 15.13 - Igor Pavlov)
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0071 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{8215A318-CC27-435E-B3EA-2E3443C8998C}) (Version: 1.00.3013 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3011 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3012 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3125 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3204 - Acer Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
AirDroid 3.4.0.1 (HKLM-x32\...\AirDroid) (Version: 3.4.0.1 - Sand Studio)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.7.42.61541 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.7.42.61541 - Alcor Micro Corp.) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{1109461B-E8C8-EE08-0219-5711383B03DF}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.26.0 - AppEx Networks)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 0.7 - Google Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.5 - Atheros Communications Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Backup Manager v4 (x32 Version: 4.0.0.0071 - NTI Corporation) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
BikaQ Rss (HKLM-x32\...\{78A2D999-4673-4FCC-818E-57B0AF8F3B70}) (Version: 2.0.16 - BikaQ) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
CGS17_Setup_x64 (Version: 17.0 - Corel Corporation) Hidden
Cities Skylines verzia 1.0.7c (HKLM-x32\...\Cities Skylines_is1) (Version: 1.0.7c - CzTorrent.net)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3112 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3109 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.2128 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2112 - CyberLink Corp.) Hidden
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.4.51 - Conexant)
Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - CZ (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3318_45364 - CyberLink Corp.)
ČeskejPařan.cz - RUST Client verze 1.0 (HKLM-x32\...\{FCD7324E-916F-45C5-997C-8673267A4B8E}_is1) (Version: 1.0 - ČeskejPařan.cz)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
ETDWare PS/2-X64 11.6.16.203_WHQL (HKLM\...\Elantech) (Version: 11.6.16.203 - ELAN Microelectronic Corp.)
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - )
Frontier Launchpad version 1.0.3 (HKLM-x32\...\{8916D4AB-BBCB-4FBC-A203-B4C3144CF89B}_is1) (Version: 1.0.3 - Frontier Developments plc)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Grand Theft Auto Vice City (HKLM-x32\...\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}) (Version: 1.00.000 - )
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
iTunes (HKLM\...\{CEC7613B-E286-4A31-BEE3-3F7798488D9F}) (Version: 12.1.3.6 - Apple Inc.)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java SE Development Kit 8 Update 121 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180121}) (Version: 8.0.1210.13 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.4 - Acer Inc.)
Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8102 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 cs)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0 - Mozilla)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
Nero 7 Ultra Edition (HKLM-x32\...\{4F2CE68F-EDBB-4592-BF07-5AC930A51029}) (Version: 7.02.6446 - Nero AG)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51r - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9014 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9014 - NTI Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3202 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.01.3202 - Acer)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
PDF To Excel Converter V2.0 (HKLM-x32\...\PDF To Excel Converter_is1) (Version: - hxxp://www.PDFExcelConverter.com)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Prison Architect (HKLM\...\{203FDA07-E643-4E87-916A-B0CD31415713}_is1) (Version: 2.0 - Introversion Software)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.41 - Qualcomm Atheros)
RimWorld verze 0.15.1280 (HKLM-x32\...\{FC2DB4C2-8057-4308-A562-E9B57FD58FC4}_is1) (Version: 0.15.1280 - Trackeroc.Ru)
ROBLOX Player for Helenka (HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
ROBLOX Studio for Helenka (HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - Atari)
Rusted.cz Klient 1.7.5 (HKLM-x32\...\Rusted.cz Klient 1.7.5) (Version: - )
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.06.60 (17. 3. 2015) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.81.00(25. 5. 2015) - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.22 (7. 9. 2015) - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.11.28 (10. 3. 2015) - Samsung Electronics Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.03.05.25 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Software Informer 1.5.1323.0 (HKLM\...\Software Informer_is1) (Version: - Informer Technologies, Inc.)
Sothink Logo Maker (HKLM-x32\...\Sothink Logo Maker_is1) (Version: 3.4 - )
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
STORMWARE PDF Printer 10.1.0.1871 (HKLM\...\STORMWARE PDF Printer_is1) (Version: 10.1.0.1871 - STORMWARE)
STORMWARE POHODA CZ Profi (HKLM-x32\...\{090EFAD5-5E25-4C4F-907B-80489F088672}) (Version: 11100.161 - STORMWARE)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Unturned (HKLM\...\Steam App 304930) (Version: - Smartly Dressed Games)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.3 - WildTangent) Hidden
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinSnare (HKLM-x32\...\{DE621DA6-398E-4F4C-BD45-454F0272A7AF}) (Version: 4.1.9 - WinSnare) <==== ATTENTION
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2520944081-2684202109-2728405321-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Helenka\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\RobloxProxy64.dll (ROBLOX Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {07BC67B6-B315-4B8E-AB90-A1F8B4974320} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd)
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {3CE8EB79-3AC9-4B7C-B3DB-0BDB3278EE02} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-22] ()
Task: {3D7D5F5A-FAFF-4814-A6D2-C4F60C11AF02} - \Thimilyjoboly -> No File <==== ATTENTION
Task: {58BA4825-5BD1-437E-B9F5-8A55EACDBE7B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-19] (Google Inc.)
Task: {83A7E96B-5220-4ACE-AF1A-AD132418DF16} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {9351CA91-45FC-4C7E-BDEE-E1BB672A9CB2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-19] (Google Inc.)
Task: {9BEAF063-3E89-46DF-AE63-23CCE38AA4D8} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [2016-12-12] (Informer Technologies, Inc.)
Task: {A216000C-66D3-4E66-8A6E-D98AB5762D3C} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\SysWOW64\BthUdTask.exe [2014-11-21] (Microsoft Corporation)
Task: {A22521B0-745A-4100-92CE-B11C75D1EA40} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {D49D2B68-5781-41E4-B6BB-E4E0513B49C4} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-22] ()
Task: {E3110D9A-B9D0-4D79-8A3E-F26C744390A1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {E637CBBF-79C3-4962-89A7-4C0A231C1C25} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2017-01-21] (AVAST Software)
Task: {E9491759-7664-4A24-A3A6-0B4446B8F165} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-09-20] (CyberLink)
Task: {F2824573-C81B-4E85-83A0-497CA13CB145} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Helenka\Favorites\Acer\Acer.lnk -> hxxp://www.acer.com
ShortcutWithArgument: C:\Users\Helenka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
==================== Loaded Modules (Whitelisted) ==============
2016-09-05 07:17 - 2015-06-11 14:58 - 00022528 _____ () C:\WINDOWS\System32\ssm4mlm.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-05 07:13 - 2016-07-17 21:43 - 00499000 ____N () C:\WINDOWS\SysWOW64\spdsvc.exe
2013-01-28 14:45 - 2013-01-28 14:45 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-28 14:42 - 2013-01-28 14:42 - 00084992 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-28 14:47 - 2013-01-28 14:47 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-09-08 12:39 - 2014-09-08 12:39 - 00464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2014-09-08 12:38 - 2014-09-08 12:38 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2012-08-22 23:04 - 2012-08-22 23:04 - 00025232 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2012-08-22 23:04 - 2012-08-22 23:04 - 00044176 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2017-02-03 08:02 - 2017-02-01 10:47 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-03 08:02 - 2017-02-01 10:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2017-01-21 17:38 - 2017-01-21 17:38 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-01-21 17:38 - 2017-01-21 17:38 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-03-02 13:03 - 2017-03-02 13:03 - 05989584 _____ () C:\Program Files\AVAST Software\Avast\defs\17030201\algo.dll
2017-03-03 10:01 - 2017-03-03 10:01 - 05989584 _____ () C:\Program Files\AVAST Software\Avast\defs\17030203\algo.dll
2012-11-03 00:38 - 2012-11-03 00:38 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-11-03 00:37 - 2012-11-03 00:37 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-11-03 00:38 - 2012-11-03 00:38 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-11-03 00:37 - 2012-11-03 00:37 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-11-03 00:37 - 2012-11-03 00:37 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-11-03 00:37 - 2012-11-03 00:37 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-11-03 00:37 - 2012-11-03 00:37 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2016-10-15 16:20 - 2016-10-15 16:18 - 00002560 _____ () C:\Program Files (x86)\DAEMON Tools Pro\MSIMG32.dll
2017-01-21 17:38 - 2017-01-21 17:38 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2017-03-01 14:39 - 00000074 ____A C:\WINDOWS\system32\Drivers\etc\hosts
185.97.254.158 api.facepunch.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme2\img12.jpg
DNS Servers: 82.144.128.1 - 82.144.129.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\StartupFolder: => "Samsung Network PC Fax.lnk"
HKLM\...\StartupApproved\Run: => "BtPreLoad"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "Lightshot"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{749E3877-382C-47F6-A2A2-E5E8B3A92A50}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{10E09F08-D236-4E70-8CEA-A044C57E5C10}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{BFD58CB8-F2BA-4485-AE2D-0EB6E989A2AA}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{3C9FF256-9BA8-4C37-9344-32571A06DD2E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{080C7874-E7EA-4F31-96A6-AB6E190B7A3A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{233E88A1-7A62-4013-A1E0-26B0C228FCF3}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{83E034BF-9F98-43A4-A401-1F3236514AB0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{40E6C6D1-678E-4CB6-B715-F01EF0A8BE16}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{5FDFC512-6A32-4387-AEC8-2399092E5E7D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{7BB8076E-82C0-4702-939D-B36CFDF9B7E0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{4772EA2B-547C-484C-BC7E-AC7F36C044D6}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{AF28863C-42C9-4BF9-8416-156366192AC6}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{0B78C0A5-C366-4523-B856-376030B03B57}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
FirewallRules: [{CDFF2BA1-22E6-4A2F-8EB8-4BB8CB7F9644}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
FirewallRules: [{F826BDB2-4D85-4ED4-A7A4-FA1367019B31}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
FirewallRules: [TCP Query User{087D9074-0E90-48FB-913C-78FB1B1DC477}C:\users\helenka\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\helenka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{4AB0424F-7E2C-4C20-BFF5-3B425E371606}C:\users\helenka\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\helenka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{E8CEC7DB-FBA0-4BFB-BBC3-CB72D6B9D3FC}C:\program files (x86)\nero\nero 7\nero home\nerohome.exe] => (Block) C:\program files (x86)\nero\nero 7\nero home\nerohome.exe
FirewallRules: [UDP Query User{5CC98C0D-DE1F-4CE5-89A8-9367E94FE405}C:\program files (x86)\nero\nero 7\nero home\nerohome.exe] => (Block) C:\program files (x86)\nero\nero 7\nero home\nerohome.exe
FirewallRules: [TCP Query User{C4E4FC71-A59C-4EF0-8A2A-1612A17FEA60}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [UDP Query User{DB66D218-878A-46C5-A4E4-8F2A758CA433}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [TCP Query User{9E70B15B-F364-471E-97F2-998649536C91}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [UDP Query User{773BF48F-B8A6-4704-BFE1-4FAAF3B05D8A}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [{19F369A9-3648-4B19-A9AF-7AC2CEF13E9B}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{197D832B-E659-4D0F-8B9D-E7C59CF9F99F}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{38DADA86-B6F7-41FC-ACF6-39E8A3096A33}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{45024A58-11F1-4ACA-A4B3-D7AC14FA55D3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{35184E0E-1536-49FF-8B45-19E240BC164D}] => (Allow) C:\Program Files (x86)\Samsung\Network PC Fax\drv\NetFaxMon64.exe
FirewallRules: [{05F7C0AD-E04F-4949-9507-D6991C65F02A}] => (Allow) C:\Program Files (x86)\Samsung\Network PC Fax\drv\NetFaxMon.exe
FirewallRules: [{EDD05972-B84A-4ED8-AC21-788528240379}] => (Allow) C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxMon64.exe
FirewallRules: [{BF75FCE0-0226-4656-A906-864F80D369F8}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{C72882DD-77B7-4F68-860F-3D07FFC95A4C}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{0F8D3ECB-174B-4425-AC3A-4AEAC4A3250D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{F305F3E9-C145-4CE6-8E78-32D065337C58}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{FF320BEE-DF10-47C2-96E1-19AEAEA8DFE4}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{3B22CDF0-1F4B-4B1C-AC70-6473549F1D4E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{39711F32-6D74-4718-9CCE-622D0A542422}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{2F73B7E9-822B-4D44-A4B9-8CC5651CF188}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{54B11740-C0CC-4C75-A375-F3C5AFF7C909}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [TCP Query User{A2A4B2F0-90B1-43D9-8461-A12672F6A313}C:\program files (x86)\samsung\easy printer manager\ids.application.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\ids.application.exe
FirewallRules: [UDP Query User{F61F0EF9-B2C2-4E03-91C6-82F884920CE3}C:\program files (x86)\samsung\easy printer manager\ids.application.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\ids.application.exe
FirewallRules: [{7141043F-3FF3-4BC3-8E14-8F622BA66AC6}] => (Allow) C:\Users\Helenka\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{D32C31AB-2868-45EB-8099-E50C14D1FCC6}] => (Allow) C:\Users\Helenka\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{3A5C52BB-B103-46A9-A21E-CDF592967809}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{93E3C8C1-FB47-45E4-9B23-8B9DB58553A7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D4018D5C-5B12-4FA9-95B0-28B1F36CB733}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D5CF0D31-A453-4C93-B2E8-DE47E5188855}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{2E98C6CE-5A14-4226-BAB5-5EC937A7B6A0}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{1E37172F-3947-47F9-97ED-F1FC5E162CB2}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{997815E1-09C9-426F-9BF8-526BCB08C1DA}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [UDP Query User{956268A2-0025-4545-A8F3-87F6346C8542}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [{87126F5A-CABC-4C0F-B81D-16588558BD01}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B574BC94-E43D-4394-9E29-0F9216536844}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{D4316A6D-D3EE-459A-BF02-F88E5009EC1E}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{C7E307A6-EAC4-4A15-AAAB-155400566BB1}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{81774485-3AB2-4F38-8FFF-D2428765DE61}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{77A3437E-DC10-49FE-B766-77F5C42D1690}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [{CC14DD45-910E-4389-9A3F-E655E88A01B2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C097938E-9277-4019-899F-FBB872BB0A35}] => (Allow) C:\Users\Helenka\AppData\Local\Temp\andy-x64\Setup.exe
FirewallRules: [{8796EFFA-2428-4BB4-B916-5066DA701EC7}] => (Allow) C:\Users\Helenka\AppData\Local\Temp\andy-x64\Setup.exe
FirewallRules: [{1582ABFF-CCE2-4307-8027-BC44E2881DF3}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{235D2CB3-8DE7-482A-84ED-FEDC64176691}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{A53C408A-629A-4C03-9E3F-E4A24C164A73}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{A051556C-BECE-47FF-8783-362A1483F651}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{7E7C0EBE-73CC-43AD-8B4F-5468F6430D4A}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{A0CA6A28-E5A6-44F8-8F2A-B2289D1300B8}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{545BD1C4-7290-4DFF-BC23-4570E1A57926}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{A85B95CC-A64A-46C1-A5A3-9AD925B8AE8A}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{E9604599-EB6A-4DBD-A3B1-64ACD7A25250}] => (Allow) C:\Users\Helenka\AppData\Local\Temp\RemoveTemp.exe
FirewallRules: [{3CD0F1BD-1A38-45EF-AE01-DC54014F6B0E}] => (Allow) C:\Users\Helenka\AppData\Local\Temp\RemoveTemp.exe
FirewallRules: [{C10F15CC-7A5D-42EF-AE11-F2746FAA3F8D}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe
FirewallRules: [{50585A13-9B42-4622-9027-8E6ADD83B681}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe
FirewallRules: [{13A8B419-B1B2-4243-843F-1667BB2CE862}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe
FirewallRules: [{9248FA2A-D707-4900-8506-2038EA06303A}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe
FirewallRules: [{AB545211-D6C5-4546-8D62-AD639541B149}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{CA66847D-66ED-49A7-BB99-222482AF3409}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe
FirewallRules: [{39898BC5-BFAB-46A9-BF84-834F522B0779}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{E9033261-85CF-4EF7-B100-579DB4ACBCD1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{C23BDD3B-3C36-4091-AC5E-F19FC0FF83A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{C1C338AF-04A0-452D-B60E-FD827427B356}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
==================== Restore Points =========================
28-02-2017 18:47:44 Installed Downpour Native Messaging Host Installer
28-02-2017 19:15:41 Operace obnovení
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/01/2017 08:30:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RobloxPlayerBeta.exe, verze: 0.280.0.41501, časové razítko: 0x58b3446c
Název chybujícího modulu: RobloxPlayerBeta.exe, verze: 0.280.0.41501, časové razítko: 0x58b3446c
Kód výjimky: 0xc0000005
Posun chyby: 0x006b3f11
ID chybujícího procesu: 0xf3c
Čas spuštění chybující aplikace: 0x01d292c23a951e93
Cesta k chybující aplikaci: C:\Users\Helenka\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\RobloxPlayerBeta.exe
Cesta k chybujícímu modulu: C:\Users\Helenka\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\RobloxPlayerBeta.exe
ID zprávy: 885026a3-feb5-11e6-bebd-089e01400cec
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/01/2017 02:57:13 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest na řádku 4.
Prvek asmv2:clrClassInvocation je zřejmě podřízeným prvku urn:schemas-microsoft-com:asm.v1^entryPoint, což tato verze systému Windows nepodporuje.
Error: (03/01/2017 02:57:13 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest na řádku 4.
Prvek asmv2:clrClassInvocation je zřejmě podřízeným prvku urn:schemas-microsoft-com:asm.v1^entryPoint, což tato verze systému Windows nepodporuje.
Error: (03/01/2017 02:57:13 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest na řádku 4.
Prvek asmv2:clrClassInvocation je zřejmě podřízeným prvku urn:schemas-microsoft-com:asm.v1^entryPoint, což tato verze systému Windows nepodporuje.
Error: (03/01/2017 02:21:20 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (02/28/2017 08:00:01 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1500) SRUJet: Při otevírání souboru protokolu C:\WINDOWS\system32\SRU\SRU012B5.log došlo k chybě -1811 (0xfffff8ed).
Error: (02/28/2017 07:56:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.3.9600.18460 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: cd0
Čas spuštění: 01d291f396030352
Čas ukončení: 4294967295
Cesta k aplikaci: C:\WINDOWS\Explorer.EXE
ID hlášení: a3d6c771-fde7-11e6-beb9-089e01400cec
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/28/2017 07:20:04 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Během obnovení systému došlo k nespecifikované chybě: (Windows Update). Další informace: 0x80070571.
Error: (02/28/2017 07:14:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: adwcleaner_6.043.exe, verze: 6.0.4.3, časové razítko: 0x588b6608
Název chybujícího modulu: adwcleaner_6.043.exe, verze: 6.0.4.3, časové razítko: 0x588b6608
Kód výjimky: 0xc0000005
Posun chyby: 0x00022d82
ID chybujícího procesu: 0xa38
Čas spuštění chybující aplikace: 0x01d291edf5f07487
Cesta k chybující aplikaci: C:\Users\Helenka\Downloads\adwcleaner_6.043.exe
Cesta k chybujícímu modulu: C:\Users\Helenka\Downloads\adwcleaner_6.043.exe
ID zprávy: be2a4df6-fde1-11e6-bebb-089e01400cec
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/28/2017 06:22:35 PM) (Source: MsiInstaller) (EventID: 11706) (User: DOMA)
Description: Product: Shredder -- Error 1706.No valid source could be found for product Shredder. The Windows Installer cannot continue.
System errors:
=============
Error: (03/03/2017 10:00:17 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Místní adaptér Bluetooth selhal. Důvod selhaní nebylo možno určit a adaptér nebude používán. Ovladač vysílače byl vyjmut z paměti.
Error: (03/02/2017 08:28:27 PM) (Source: DCOM) (EventID: 10010) (User: DOMA)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/02/2017 08:27:57 PM) (Source: DCOM) (EventID: 10010) (User: DOMA)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/02/2017 07:15:14 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Místní adaptér Bluetooth selhal. Důvod selhaní nebylo možno určit a adaptér nebude používán. Ovladač vysílače byl vyjmut z paměti.
Error: (03/02/2017 03:40:16 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku Acer bylo zjištěno poškození.
Bylo nalezeno poškození ve struktuře indexů systému souborů. Referenční číslo souboru je 0x700000001d559. Název souboru je \Windows\servicing\Packages. Poškozený atribut indexu je :$I30:$INDEX_ALLOCATION.
Error: (03/02/2017 01:03:08 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Místní adaptér Bluetooth selhal. Důvod selhaní nebylo možno určit a adaptér nebude používán. Ovladač vysílače byl vyjmut z paměti.
Error: (03/01/2017 08:25:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AppEx Networks Accelerator LWF neuspěla při spuštění v důsledku následující chyby:
Zařízení připojené k systému nefunguje.
Error: (03/01/2017 08:25:21 PM) (Source: APXACC) (EventID: 1003) (User: )
Description: The NDIS6 LWF initialization has failed. (0xC0000001)
Error: (03/01/2017 08:23:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (03/01/2017 08:23:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
==================== Memory info ===========================
Processor: AMD A8-4555M APU with Radeon(tm) HD Graphics
Percentage of memory in use: 33%
Total physical RAM: 5578.27 MB
Available physical RAM: 3726.52 MB
Total Virtual: 6474.27 MB
Available Virtual: 4320.32 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:930.65 GB) (Free:688.21 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 387E8316)
Partition: GPT.
==================== End of Addition.txt ============================
Ran by Helenka (03-03-2017 10:03:09)
Running from C:\Users\Helenka\Desktop\ÚDRŽBA
Windows 8.1 (Update) (X64) (2016-03-23 13:02:34)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2520944081-2684202109-2728405321-500 - Administrator - Disabled)
Guest (S-1-5-21-2520944081-2684202109-2728405321-501 - Limited - Disabled)
Helenka (S-1-5-21-2520944081-2684202109-2728405321-1001 - Administrator - Enabled) => C:\Users\Helenka
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
7-Zip 15.13 (x64) (HKLM\...\7-Zip) (Version: 15.13 - Igor Pavlov)
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0071 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{8215A318-CC27-435E-B3EA-2E3443C8998C}) (Version: 1.00.3013 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3011 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3012 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3125 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3204 - Acer Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
AirDroid 3.4.0.1 (HKLM-x32\...\AirDroid) (Version: 3.4.0.1 - Sand Studio)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.7.42.61541 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.7.42.61541 - Alcor Micro Corp.) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{1109461B-E8C8-EE08-0219-5711383B03DF}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.26.0 - AppEx Networks)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 0.7 - Google Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.5 - Atheros Communications Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Backup Manager v4 (x32 Version: 4.0.0.0071 - NTI Corporation) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
BikaQ Rss (HKLM-x32\...\{78A2D999-4673-4FCC-818E-57B0AF8F3B70}) (Version: 2.0.16 - BikaQ) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
CGS17_Setup_x64 (Version: 17.0 - Corel Corporation) Hidden
Cities Skylines verzia 1.0.7c (HKLM-x32\...\Cities Skylines_is1) (Version: 1.0.7c - CzTorrent.net)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3112 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3109 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.2128 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2112 - CyberLink Corp.) Hidden
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.4.51 - Conexant)
Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - CZ (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3318_45364 - CyberLink Corp.)
ČeskejPařan.cz - RUST Client verze 1.0 (HKLM-x32\...\{FCD7324E-916F-45C5-997C-8673267A4B8E}_is1) (Version: 1.0 - ČeskejPařan.cz)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
ETDWare PS/2-X64 11.6.16.203_WHQL (HKLM\...\Elantech) (Version: 11.6.16.203 - ELAN Microelectronic Corp.)
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - )
Frontier Launchpad version 1.0.3 (HKLM-x32\...\{8916D4AB-BBCB-4FBC-A203-B4C3144CF89B}_is1) (Version: 1.0.3 - Frontier Developments plc)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Grand Theft Auto Vice City (HKLM-x32\...\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}) (Version: 1.00.000 - )
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
iTunes (HKLM\...\{CEC7613B-E286-4A31-BEE3-3F7798488D9F}) (Version: 12.1.3.6 - Apple Inc.)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java SE Development Kit 8 Update 121 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180121}) (Version: 8.0.1210.13 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.4 - Acer Inc.)
Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8102 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 cs)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0 - Mozilla)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
Nero 7 Ultra Edition (HKLM-x32\...\{4F2CE68F-EDBB-4592-BF07-5AC930A51029}) (Version: 7.02.6446 - Nero AG)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51r - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9014 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9014 - NTI Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3202 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.01.3202 - Acer)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
PDF To Excel Converter V2.0 (HKLM-x32\...\PDF To Excel Converter_is1) (Version: - hxxp://www.PDFExcelConverter.com)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Prison Architect (HKLM\...\{203FDA07-E643-4E87-916A-B0CD31415713}_is1) (Version: 2.0 - Introversion Software)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.41 - Qualcomm Atheros)
RimWorld verze 0.15.1280 (HKLM-x32\...\{FC2DB4C2-8057-4308-A562-E9B57FD58FC4}_is1) (Version: 0.15.1280 - Trackeroc.Ru)
ROBLOX Player for Helenka (HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
ROBLOX Studio for Helenka (HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - Atari)
Rusted.cz Klient 1.7.5 (HKLM-x32\...\Rusted.cz Klient 1.7.5) (Version: - )
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.06.60 (17. 3. 2015) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.81.00(25. 5. 2015) - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.22 (7. 9. 2015) - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.11.28 (10. 3. 2015) - Samsung Electronics Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.03.05.25 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Software Informer 1.5.1323.0 (HKLM\...\Software Informer_is1) (Version: - Informer Technologies, Inc.)
Sothink Logo Maker (HKLM-x32\...\Sothink Logo Maker_is1) (Version: 3.4 - )
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
STORMWARE PDF Printer 10.1.0.1871 (HKLM\...\STORMWARE PDF Printer_is1) (Version: 10.1.0.1871 - STORMWARE)
STORMWARE POHODA CZ Profi (HKLM-x32\...\{090EFAD5-5E25-4C4F-907B-80489F088672}) (Version: 11100.161 - STORMWARE)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Unturned (HKLM\...\Steam App 304930) (Version: - Smartly Dressed Games)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.3 - WildTangent) Hidden
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinSnare (HKLM-x32\...\{DE621DA6-398E-4F4C-BD45-454F0272A7AF}) (Version: 4.1.9 - WinSnare) <==== ATTENTION
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2520944081-2684202109-2728405321-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Helenka\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\RobloxProxy64.dll (ROBLOX Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {07BC67B6-B315-4B8E-AB90-A1F8B4974320} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd)
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {3CE8EB79-3AC9-4B7C-B3DB-0BDB3278EE02} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-22] ()
Task: {3D7D5F5A-FAFF-4814-A6D2-C4F60C11AF02} - \Thimilyjoboly -> No File <==== ATTENTION
Task: {58BA4825-5BD1-437E-B9F5-8A55EACDBE7B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-19] (Google Inc.)
Task: {83A7E96B-5220-4ACE-AF1A-AD132418DF16} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {9351CA91-45FC-4C7E-BDEE-E1BB672A9CB2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-19] (Google Inc.)
Task: {9BEAF063-3E89-46DF-AE63-23CCE38AA4D8} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [2016-12-12] (Informer Technologies, Inc.)
Task: {A216000C-66D3-4E66-8A6E-D98AB5762D3C} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\SysWOW64\BthUdTask.exe [2014-11-21] (Microsoft Corporation)
Task: {A22521B0-745A-4100-92CE-B11C75D1EA40} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {D49D2B68-5781-41E4-B6BB-E4E0513B49C4} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-22] ()
Task: {E3110D9A-B9D0-4D79-8A3E-F26C744390A1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {E637CBBF-79C3-4962-89A7-4C0A231C1C25} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2017-01-21] (AVAST Software)
Task: {E9491759-7664-4A24-A3A6-0B4446B8F165} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-09-20] (CyberLink)
Task: {F2824573-C81B-4E85-83A0-497CA13CB145} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Helenka\Favorites\Acer\Acer.lnk -> hxxp://www.acer.com
ShortcutWithArgument: C:\Users\Helenka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
==================== Loaded Modules (Whitelisted) ==============
2016-09-05 07:17 - 2015-06-11 14:58 - 00022528 _____ () C:\WINDOWS\System32\ssm4mlm.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-05 07:13 - 2016-07-17 21:43 - 00499000 ____N () C:\WINDOWS\SysWOW64\spdsvc.exe
2013-01-28 14:45 - 2013-01-28 14:45 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-28 14:42 - 2013-01-28 14:42 - 00084992 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-28 14:47 - 2013-01-28 14:47 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-09-08 12:39 - 2014-09-08 12:39 - 00464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2014-09-08 12:38 - 2014-09-08 12:38 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2012-08-22 23:04 - 2012-08-22 23:04 - 00025232 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2012-08-22 23:04 - 2012-08-22 23:04 - 00044176 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2017-02-03 08:02 - 2017-02-01 10:47 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-03 08:02 - 2017-02-01 10:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2017-01-21 17:38 - 2017-01-21 17:38 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-01-21 17:38 - 2017-01-21 17:38 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-03-02 13:03 - 2017-03-02 13:03 - 05989584 _____ () C:\Program Files\AVAST Software\Avast\defs\17030201\algo.dll
2017-03-03 10:01 - 2017-03-03 10:01 - 05989584 _____ () C:\Program Files\AVAST Software\Avast\defs\17030203\algo.dll
2012-11-03 00:38 - 2012-11-03 00:38 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-11-03 00:37 - 2012-11-03 00:37 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-11-03 00:38 - 2012-11-03 00:38 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-11-03 00:37 - 2012-11-03 00:37 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-11-03 00:37 - 2012-11-03 00:37 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-11-03 00:37 - 2012-11-03 00:37 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-11-03 00:37 - 2012-11-03 00:37 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2016-10-15 16:20 - 2016-10-15 16:18 - 00002560 _____ () C:\Program Files (x86)\DAEMON Tools Pro\MSIMG32.dll
2017-01-21 17:38 - 2017-01-21 17:38 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2017-03-01 14:39 - 00000074 ____A C:\WINDOWS\system32\Drivers\etc\hosts
185.97.254.158 api.facepunch.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme2\img12.jpg
DNS Servers: 82.144.128.1 - 82.144.129.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\StartupFolder: => "Samsung Network PC Fax.lnk"
HKLM\...\StartupApproved\Run: => "BtPreLoad"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "Lightshot"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{749E3877-382C-47F6-A2A2-E5E8B3A92A50}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{10E09F08-D236-4E70-8CEA-A044C57E5C10}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{BFD58CB8-F2BA-4485-AE2D-0EB6E989A2AA}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{3C9FF256-9BA8-4C37-9344-32571A06DD2E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{080C7874-E7EA-4F31-96A6-AB6E190B7A3A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{233E88A1-7A62-4013-A1E0-26B0C228FCF3}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{83E034BF-9F98-43A4-A401-1F3236514AB0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{40E6C6D1-678E-4CB6-B715-F01EF0A8BE16}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{5FDFC512-6A32-4387-AEC8-2399092E5E7D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{7BB8076E-82C0-4702-939D-B36CFDF9B7E0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{4772EA2B-547C-484C-BC7E-AC7F36C044D6}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{AF28863C-42C9-4BF9-8416-156366192AC6}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{0B78C0A5-C366-4523-B856-376030B03B57}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
FirewallRules: [{CDFF2BA1-22E6-4A2F-8EB8-4BB8CB7F9644}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
FirewallRules: [{F826BDB2-4D85-4ED4-A7A4-FA1367019B31}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
FirewallRules: [TCP Query User{087D9074-0E90-48FB-913C-78FB1B1DC477}C:\users\helenka\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\helenka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{4AB0424F-7E2C-4C20-BFF5-3B425E371606}C:\users\helenka\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\helenka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{E8CEC7DB-FBA0-4BFB-BBC3-CB72D6B9D3FC}C:\program files (x86)\nero\nero 7\nero home\nerohome.exe] => (Block) C:\program files (x86)\nero\nero 7\nero home\nerohome.exe
FirewallRules: [UDP Query User{5CC98C0D-DE1F-4CE5-89A8-9367E94FE405}C:\program files (x86)\nero\nero 7\nero home\nerohome.exe] => (Block) C:\program files (x86)\nero\nero 7\nero home\nerohome.exe
FirewallRules: [TCP Query User{C4E4FC71-A59C-4EF0-8A2A-1612A17FEA60}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [UDP Query User{DB66D218-878A-46C5-A4E4-8F2A758CA433}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [TCP Query User{9E70B15B-F364-471E-97F2-998649536C91}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [UDP Query User{773BF48F-B8A6-4704-BFE1-4FAAF3B05D8A}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [{19F369A9-3648-4B19-A9AF-7AC2CEF13E9B}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{197D832B-E659-4D0F-8B9D-E7C59CF9F99F}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{38DADA86-B6F7-41FC-ACF6-39E8A3096A33}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{45024A58-11F1-4ACA-A4B3-D7AC14FA55D3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{35184E0E-1536-49FF-8B45-19E240BC164D}] => (Allow) C:\Program Files (x86)\Samsung\Network PC Fax\drv\NetFaxMon64.exe
FirewallRules: [{05F7C0AD-E04F-4949-9507-D6991C65F02A}] => (Allow) C:\Program Files (x86)\Samsung\Network PC Fax\drv\NetFaxMon.exe
FirewallRules: [{EDD05972-B84A-4ED8-AC21-788528240379}] => (Allow) C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxMon64.exe
FirewallRules: [{BF75FCE0-0226-4656-A906-864F80D369F8}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{C72882DD-77B7-4F68-860F-3D07FFC95A4C}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{0F8D3ECB-174B-4425-AC3A-4AEAC4A3250D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{F305F3E9-C145-4CE6-8E78-32D065337C58}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{FF320BEE-DF10-47C2-96E1-19AEAEA8DFE4}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{3B22CDF0-1F4B-4B1C-AC70-6473549F1D4E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{39711F32-6D74-4718-9CCE-622D0A542422}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{2F73B7E9-822B-4D44-A4B9-8CC5651CF188}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{54B11740-C0CC-4C75-A375-F3C5AFF7C909}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [TCP Query User{A2A4B2F0-90B1-43D9-8461-A12672F6A313}C:\program files (x86)\samsung\easy printer manager\ids.application.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\ids.application.exe
FirewallRules: [UDP Query User{F61F0EF9-B2C2-4E03-91C6-82F884920CE3}C:\program files (x86)\samsung\easy printer manager\ids.application.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\ids.application.exe
FirewallRules: [{7141043F-3FF3-4BC3-8E14-8F622BA66AC6}] => (Allow) C:\Users\Helenka\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{D32C31AB-2868-45EB-8099-E50C14D1FCC6}] => (Allow) C:\Users\Helenka\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{3A5C52BB-B103-46A9-A21E-CDF592967809}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{93E3C8C1-FB47-45E4-9B23-8B9DB58553A7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D4018D5C-5B12-4FA9-95B0-28B1F36CB733}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D5CF0D31-A453-4C93-B2E8-DE47E5188855}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{2E98C6CE-5A14-4226-BAB5-5EC937A7B6A0}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{1E37172F-3947-47F9-97ED-F1FC5E162CB2}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{997815E1-09C9-426F-9BF8-526BCB08C1DA}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [UDP Query User{956268A2-0025-4545-A8F3-87F6346C8542}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [{87126F5A-CABC-4C0F-B81D-16588558BD01}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B574BC94-E43D-4394-9E29-0F9216536844}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{D4316A6D-D3EE-459A-BF02-F88E5009EC1E}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{C7E307A6-EAC4-4A15-AAAB-155400566BB1}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{81774485-3AB2-4F38-8FFF-D2428765DE61}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{77A3437E-DC10-49FE-B766-77F5C42D1690}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [{CC14DD45-910E-4389-9A3F-E655E88A01B2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C097938E-9277-4019-899F-FBB872BB0A35}] => (Allow) C:\Users\Helenka\AppData\Local\Temp\andy-x64\Setup.exe
FirewallRules: [{8796EFFA-2428-4BB4-B916-5066DA701EC7}] => (Allow) C:\Users\Helenka\AppData\Local\Temp\andy-x64\Setup.exe
FirewallRules: [{1582ABFF-CCE2-4307-8027-BC44E2881DF3}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{235D2CB3-8DE7-482A-84ED-FEDC64176691}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{A53C408A-629A-4C03-9E3F-E4A24C164A73}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{A051556C-BECE-47FF-8783-362A1483F651}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{7E7C0EBE-73CC-43AD-8B4F-5468F6430D4A}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{A0CA6A28-E5A6-44F8-8F2A-B2289D1300B8}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{545BD1C4-7290-4DFF-BC23-4570E1A57926}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{A85B95CC-A64A-46C1-A5A3-9AD925B8AE8A}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{E9604599-EB6A-4DBD-A3B1-64ACD7A25250}] => (Allow) C:\Users\Helenka\AppData\Local\Temp\RemoveTemp.exe
FirewallRules: [{3CD0F1BD-1A38-45EF-AE01-DC54014F6B0E}] => (Allow) C:\Users\Helenka\AppData\Local\Temp\RemoveTemp.exe
FirewallRules: [{C10F15CC-7A5D-42EF-AE11-F2746FAA3F8D}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe
FirewallRules: [{50585A13-9B42-4622-9027-8E6ADD83B681}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe
FirewallRules: [{13A8B419-B1B2-4243-843F-1667BB2CE862}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe
FirewallRules: [{9248FA2A-D707-4900-8506-2038EA06303A}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe
FirewallRules: [{AB545211-D6C5-4546-8D62-AD639541B149}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{CA66847D-66ED-49A7-BB99-222482AF3409}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe
FirewallRules: [{39898BC5-BFAB-46A9-BF84-834F522B0779}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{E9033261-85CF-4EF7-B100-579DB4ACBCD1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{C23BDD3B-3C36-4091-AC5E-F19FC0FF83A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{C1C338AF-04A0-452D-B60E-FD827427B356}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
==================== Restore Points =========================
28-02-2017 18:47:44 Installed Downpour Native Messaging Host Installer
28-02-2017 19:15:41 Operace obnovení
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/01/2017 08:30:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RobloxPlayerBeta.exe, verze: 0.280.0.41501, časové razítko: 0x58b3446c
Název chybujícího modulu: RobloxPlayerBeta.exe, verze: 0.280.0.41501, časové razítko: 0x58b3446c
Kód výjimky: 0xc0000005
Posun chyby: 0x006b3f11
ID chybujícího procesu: 0xf3c
Čas spuštění chybující aplikace: 0x01d292c23a951e93
Cesta k chybující aplikaci: C:\Users\Helenka\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\RobloxPlayerBeta.exe
Cesta k chybujícímu modulu: C:\Users\Helenka\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\RobloxPlayerBeta.exe
ID zprávy: 885026a3-feb5-11e6-bebd-089e01400cec
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/01/2017 02:57:13 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest na řádku 4.
Prvek asmv2:clrClassInvocation je zřejmě podřízeným prvku urn:schemas-microsoft-com:asm.v1^entryPoint, což tato verze systému Windows nepodporuje.
Error: (03/01/2017 02:57:13 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest na řádku 4.
Prvek asmv2:clrClassInvocation je zřejmě podřízeným prvku urn:schemas-microsoft-com:asm.v1^entryPoint, což tato verze systému Windows nepodporuje.
Error: (03/01/2017 02:57:13 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest na řádku 4.
Prvek asmv2:clrClassInvocation je zřejmě podřízeným prvku urn:schemas-microsoft-com:asm.v1^entryPoint, což tato verze systému Windows nepodporuje.
Error: (03/01/2017 02:21:20 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (02/28/2017 08:00:01 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1500) SRUJet: Při otevírání souboru protokolu C:\WINDOWS\system32\SRU\SRU012B5.log došlo k chybě -1811 (0xfffff8ed).
Error: (02/28/2017 07:56:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.3.9600.18460 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: cd0
Čas spuštění: 01d291f396030352
Čas ukončení: 4294967295
Cesta k aplikaci: C:\WINDOWS\Explorer.EXE
ID hlášení: a3d6c771-fde7-11e6-beb9-089e01400cec
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/28/2017 07:20:04 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Během obnovení systému došlo k nespecifikované chybě: (Windows Update). Další informace: 0x80070571.
Error: (02/28/2017 07:14:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: adwcleaner_6.043.exe, verze: 6.0.4.3, časové razítko: 0x588b6608
Název chybujícího modulu: adwcleaner_6.043.exe, verze: 6.0.4.3, časové razítko: 0x588b6608
Kód výjimky: 0xc0000005
Posun chyby: 0x00022d82
ID chybujícího procesu: 0xa38
Čas spuštění chybující aplikace: 0x01d291edf5f07487
Cesta k chybující aplikaci: C:\Users\Helenka\Downloads\adwcleaner_6.043.exe
Cesta k chybujícímu modulu: C:\Users\Helenka\Downloads\adwcleaner_6.043.exe
ID zprávy: be2a4df6-fde1-11e6-bebb-089e01400cec
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/28/2017 06:22:35 PM) (Source: MsiInstaller) (EventID: 11706) (User: DOMA)
Description: Product: Shredder -- Error 1706.No valid source could be found for product Shredder. The Windows Installer cannot continue.
System errors:
=============
Error: (03/03/2017 10:00:17 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Místní adaptér Bluetooth selhal. Důvod selhaní nebylo možno určit a adaptér nebude používán. Ovladač vysílače byl vyjmut z paměti.
Error: (03/02/2017 08:28:27 PM) (Source: DCOM) (EventID: 10010) (User: DOMA)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/02/2017 08:27:57 PM) (Source: DCOM) (EventID: 10010) (User: DOMA)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/02/2017 07:15:14 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Místní adaptér Bluetooth selhal. Důvod selhaní nebylo možno určit a adaptér nebude používán. Ovladač vysílače byl vyjmut z paměti.
Error: (03/02/2017 03:40:16 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku Acer bylo zjištěno poškození.
Bylo nalezeno poškození ve struktuře indexů systému souborů. Referenční číslo souboru je 0x700000001d559. Název souboru je \Windows\servicing\Packages. Poškozený atribut indexu je :$I30:$INDEX_ALLOCATION.
Error: (03/02/2017 01:03:08 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Místní adaptér Bluetooth selhal. Důvod selhaní nebylo možno určit a adaptér nebude používán. Ovladač vysílače byl vyjmut z paměti.
Error: (03/01/2017 08:25:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AppEx Networks Accelerator LWF neuspěla při spuštění v důsledku následující chyby:
Zařízení připojené k systému nefunguje.
Error: (03/01/2017 08:25:21 PM) (Source: APXACC) (EventID: 1003) (User: )
Description: The NDIS6 LWF initialization has failed. (0xC0000001)
Error: (03/01/2017 08:23:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (03/01/2017 08:23:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
==================== Memory info ===========================
Processor: AMD A8-4555M APU with Radeon(tm) HD Graphics
Percentage of memory in use: 33%
Total physical RAM: 5578.27 MB
Available physical RAM: 3726.52 MB
Total Virtual: 6474.27 MB
Available Virtual: 4320.32 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:930.65 GB) (Free:688.21 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 387E8316)
Partition: GPT.
==================== End of Addition.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Počítač se chová divně :-)
Toto je pouze Addition. Potřebuji ještě samotný log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Počítač se chová divně :-)
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-03-2017
Ran by Helenka (administrator) on DOMA (05-03-2017 12:24:55)
Running from C:\Users\Helenka\Desktop\ÚDRŽBA
Loaded Profiles: Helenka (Available Profiles: Helenka)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
() C:\Windows\SysWOW64\spdsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtPreLoad.exe [64640 2013-01-28] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169744 2015-09-12] (Apple Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [903384 2013-07-24] (Conexant Systems, Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-03] (AVAST Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] (Qualcomm Atheros Commnucations)
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd)
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-19] (Valve Corporation)
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {0c4bd6aa-b710-11e6-bea7-089e01400cec} - "E:\autorun.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {4651e03c-df23-11e6-bead-806e6f6e6963} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {59627320-ca0a-11e6-beab-089e01400cec} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {ba04a953-ed21-11e5-be69-806e6f6e6963} - "D:\Setup.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {cb6f8045-dfe3-11e6-beb1-089e01400cec} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {eff2e197-8fbc-11e6-be92-089e01400cec} - "F:\Setup.exe"
HKLM\...\Providers\Internet Print Provider: inetpp.dll
HKLM\...\Providers\LanMan Print Services: win32spl.dll
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-03] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-03] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2017-03-01]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk [2017-03-01]
Startup: C:\Users\Helenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk [2017-03-01]
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 185.97.254.158 api.facepunch.com
Tcpip\Parameters: [DhcpNameServer] 82.144.128.1 82.144.129.1
Tcpip\..\Interfaces\{6E729190-5055-4A76-BB8B-3DEFC60ADD76}: [DhcpNameServer] 82.144.128.1 82.144.129.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.cz/
SearchScopes: HKU\S-1-5-21-2520944081-2684202109-2728405321-1001 -> DefaultScope {4B7AB1A7-9E69-4413-BBB0-50F38FBC11F0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2520944081-2684202109-2728405321-1001 -> {4B7AB1A7-9E69-4413-BBB0-50F38FBC11F0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2520944081-2684202109-2728405321-1001 -> {BD63004A-89AC-488F-8A5A-D4311713A735} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-01] (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll [2013-01-28] (Qualcomm Atheros Commnucations)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-21] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: taoywzw4.default
FF ProfilePath: C:\Users\Helenka\AppData\Roaming\Mozilla\Firefox\Profiles\taoywzw4.default [2017-02-28]
FF Extension: (MEGA) - C:\Users\Helenka\AppData\Roaming\Mozilla\Firefox\Profiles\taoywzw4.default\Extensions\firefox@mega.co.nz.xpi [2017-01-21]
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-01] (Oracle Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-21] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2016-09-01] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2520944081-2684202109-2728405321-1001: @nsroblox.roblox.com/launcher -> C:\Users\Helenka\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2520944081-2684202109-2728405321-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\Helenka\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR Profile: C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-03-05] <==== ATTENTION
CHR Extension: (Dokumenty Google) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-16]
CHR Extension: (Chrome Media Router) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-16]
CHR Profile: C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default [2017-02-16]
CHR Extension: (Prezentace Google) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-28]
CHR Extension: (Dokumenty Google) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-28]
CHR Extension: (Disk Google) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-28]
CHR Extension: (YouTube) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-28]
CHR Extension: (Adblock Plus) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-01-21]
CHR Extension: (Kalendář Google) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-07]
CHR Extension: (Tabulky Google) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-20]
CHR Extension: (Gmail) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-03]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-03] (AVAST Software s.r.o.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-03] (AVAST Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2449552 2012-10-25] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [227104 2016-07-21] (EasyAntiCheat Ltd)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-03] (NTI Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2016-03-18] (Dritek System INC.)
R2 Samsung Network Fax Server; C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxServer64.exe [801472 2015-03-10] (Samsung Electronics Co., Ltd.)
R2 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [499000 2016-07-17] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2016-03-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2016-03-22] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
S2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [309272 2017-03-03] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-03-03] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334600 2017-03-03] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-03-03] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-03-03] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [126600 2017-03-03] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [100640 2017-03-03] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-03-03] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [993608 2017-03-03] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [547904 2017-03-03] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [162528 2017-03-03] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [337592 2017-03-03] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdW86.sys [91648 2012-08-21] (Advanced Micro Devices)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [311968 2016-04-07] ()
S3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-28] (Qualcomm Atheros)
R1 ccSet_NARA; C:\WINDOWS\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18816 2016-11-25] (Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-10-16] (REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Huawei Technologies Co., Ltd.)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [43168 2016-04-07] ()
R3 Ps2Kb2Hid; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [26736 2016-03-18] (Dritek System Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2016-03-22] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2016-03-22] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2016-03-22] (Microsoft Corporation)
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-03 10:55 - 2017-03-03 10:59 - 00000000 ____D C:\Users\Helenka\Downloads\Factorio 14.21
2017-03-03 10:55 - 2017-03-03 10:55 - 00012074 _____ C:\Users\Helenka\Downloads\[CzT]Factorio_v0_14_21_x86_x64_2016_CZ_EN_Win_Linux_.torrent
2017-03-03 10:50 - 2017-03-03 10:50 - 00001418 _____ C:\Users\Helenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\chrome.lnk
2017-03-03 10:46 - 2017-03-03 10:46 - 00000942 _____ C:\Users\Helenka\Desktop\Downloads.lnk
2017-03-03 10:41 - 2017-03-03 10:48 - 3091825564 _____ C:\Users\Helenka\Downloads\Rust Devblog 150.zip
2017-03-03 10:32 - 2017-03-03 10:32 - 00000027 _____ C:\Settings.ini
2017-03-03 10:18 - 2017-03-03 10:25 - 00000000 ____D C:\ProgramData\HitmanPro
2017-03-03 10:14 - 2017-03-03 10:14 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-03 10:10 - 2017-03-03 10:10 - 00398408 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-03-03 10:10 - 2017-03-03 10:10 - 00003914 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-03-03 10:10 - 2017-03-03 10:09 - 00334600 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-03-03 10:10 - 2017-03-03 10:09 - 00309272 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-03-03 10:10 - 2017-03-03 10:09 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-03-03 10:10 - 2017-03-03 10:09 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-03-01 20:20 - 2017-03-01 20:24 - 00000000 ____D C:\AdwCleaner
2017-03-01 14:52 - 2017-03-01 14:52 - 00000943 _____ C:\Users\Public\Desktop\Steam.lnk
2017-03-01 14:40 - 2017-03-01 14:40 - 00000000 ____D C:\Program Files (x86)\trend micro
2017-03-01 14:39 - 2017-03-01 14:41 - 00000000 ____D C:\Program Files\trend micro
2017-03-01 14:36 - 2017-03-05 12:24 - 00000000 ____D C:\FRST
2017-02-28 19:50 - 2017-02-28 19:50 - 00000000 ____D C:\Program Files\d6xr5dra
2017-02-28 19:07 - 2017-02-28 19:07 - 00000000 ____D C:\Program Files (x86)\Roblox
2017-02-28 15:12 - 2017-02-28 15:12 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignc09dc6f9b54e61be
2017-02-28 15:12 - 2017-02-28 15:12 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign52d941e8a60fe453
2017-02-28 15:12 - 2017-02-28 15:12 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign217c8aa3415ed6db
2017-02-28 15:07 - 2017-02-28 15:07 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignc916e49dff10a768
2017-02-28 15:06 - 2017-02-28 15:06 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign78991dca011c406e
2017-02-28 15:04 - 2017-02-28 15:04 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign35543eccefd88b80
2017-02-28 15:03 - 2017-02-28 15:03 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsigndeadfe53c82375c5
2017-02-28 15:02 - 2017-02-28 15:02 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignba2f8e3179cf541d
2017-02-28 15:02 - 2017-02-28 15:02 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign9fac53ad27915299
2017-02-21 08:58 - 2017-02-23 16:41 - 00002368 _____ C:\Program Files (x86)\metadata
2017-02-20 19:37 - 2017-02-20 19:37 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\Firefox
2017-02-20 19:37 - 2017-02-20 19:37 - 00000000 ____D C:\Users\Helenka\AppData\Local\Firefox
2017-02-18 13:02 - 2017-02-18 13:02 - 00000000 ____D C:\Users\Helenka\AppData\LocalLow\Smartly Dressed Games
2017-02-17 15:06 - 2017-02-28 19:45 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\GetRightToGo
2017-02-17 12:50 - 2017-02-28 20:54 - 00000000 ____D C:\Program Files (x86)\d6xr5dra
2017-02-16 18:13 - 2017-02-17 14:34 - 00000000 ____D C:\Users\Helenka\Documents\GTA San Andreas User Files
2017-02-16 17:42 - 2017-02-16 17:42 - 00000000 ____D C:\Users\Helenka\Documents\GTA Vice City User Files
2017-02-16 17:37 - 2017-02-16 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2017-02-16 14:54 - 2017-02-16 14:59 - 00000000 ____D C:\Users\Helenka\AppData\Local\Fagertain
2017-02-16 14:44 - 2017-02-16 14:44 - 00000000 ____D C:\Program Files\Common Files\Atheros
2017-02-16 14:40 - 2015-01-06 04:01 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2017-02-16 14:40 - 2015-01-06 03:59 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2017-02-16 14:40 - 2015-01-06 02:12 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2017-02-16 14:40 - 2015-01-06 02:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2017-02-16 14:39 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2017-02-16 14:39 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2017-02-16 14:39 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2017-02-16 14:39 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2017-02-16 14:39 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2017-02-16 14:39 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2017-02-16 14:39 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2017-02-16 14:39 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2017-02-16 14:39 - 2015-06-09 23:39 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2017-02-16 14:39 - 2015-06-09 23:39 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2017-02-16 14:39 - 2015-06-09 23:38 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-02-14 18:33 - 2017-02-14 18:33 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign2296590078b5e7ae
2017-02-14 18:32 - 2017-02-14 18:32 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignedd47d57ec5bd248
2017-02-14 18:32 - 2017-02-14 18:32 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign888540c9561f0931
2017-02-14 18:32 - 2017-02-14 18:32 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign5667d3375895e8e3
2017-02-14 18:30 - 2017-02-14 18:30 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign301175d1a80dcbea
2017-02-14 18:27 - 2017-02-14 18:27 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign427b32ca5a614424
2017-02-14 18:25 - 2017-02-14 18:25 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign9c0f021eb6fbaa61
2017-02-14 18:24 - 2017-02-14 18:24 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignf614c0408a71828c
2017-02-14 18:24 - 2017-02-14 18:24 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign0b27521e5b84870d
2017-02-14 18:22 - 2017-02-14 18:22 - 00000000 ____D C:\Users\Helenka\Documents\Moje palety
2017-02-14 18:18 - 2017-02-14 18:38 - 00000000 ____D C:\Users\Helenka\Documents\Corel
2017-02-14 18:16 - 2017-02-14 18:18 - 00000000 ____D C:\ProgramData\Protexis64
2017-02-14 18:16 - 2017-02-14 18:17 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\Corel
2017-02-14 18:13 - 2017-02-14 18:13 - 00000000 ____D C:\Program Files\Common Files\Protexis
2017-02-14 18:13 - 2017-02-14 18:13 - 00000000 ____D C:\Program Files\Common Files\Corel
2017-02-14 18:12 - 2017-02-14 18:12 - 00000000 ____D C:\Users\Public\Documents\Corel
2017-02-14 18:11 - 2017-02-14 18:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)
2017-02-14 18:10 - 2017-02-14 18:22 - 00000000 ____D C:\ProgramData\Corel
2017-02-14 18:10 - 2017-02-14 18:10 - 00000000 ____D C:\Program Files\Corel
2017-02-14 18:09 - 2017-02-14 18:16 - 00000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X7 x64
2017-02-13 19:11 - 2017-02-13 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-02-09 15:38 - 2017-02-09 15:38 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign159db5a12a1b4458
2017-02-09 15:34 - 2017-02-09 15:34 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign2e0d1f449035f999
2017-02-09 15:33 - 2017-02-09 15:33 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsigne4353cd72dab39c1
2017-02-09 15:33 - 2017-02-09 15:33 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign416b0962cd957a3c
2017-02-09 15:17 - 2017-02-09 15:17 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign45af800af66706ec
2017-02-09 15:10 - 2017-02-09 15:10 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignb6843e5215a60fce
2017-02-09 15:10 - 2017-02-09 15:10 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsigna0f9ada621f7a0da
2017-02-09 15:10 - 2017-02-09 15:10 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign1b69d86ae2371a9d
2017-02-09 14:26 - 2017-02-09 14:26 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignf5d201c99aadad2b
2017-02-09 14:26 - 2017-02-09 14:26 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign861a54750adccc38
2017-02-09 14:25 - 2017-02-09 14:25 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign3d1fee0e62ac8541
2017-02-09 14:25 - 2017-02-09 14:25 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign284b588a449ceb0d
2017-02-05 11:08 - 2017-02-05 11:08 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\.mono
2017-02-05 11:08 - 2017-02-05 11:08 - 00000000 ____D C:\Users\Helenka\AppData\Local\Colossal Order
2017-02-05 11:08 - 2017-02-05 11:08 - 00000000 ____D C:\ProgramData\.mono
2017-02-05 11:05 - 2017-02-05 11:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cities Skylines
2017-02-05 10:42 - 2017-02-05 11:09 - 00000000 ____D C:\Program Files (x86)\Cities Skylines
2017-02-04 11:49 - 2017-02-05 10:49 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\VMware
2017-02-04 11:48 - 2017-02-04 11:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Andy
2017-02-04 11:44 - 2016-11-11 23:16 - 00052288 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmkbd.sys
2017-02-04 11:43 - 2017-02-04 11:43 - 01772950 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-02-04 11:34 - 2017-02-05 10:55 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\Andy
2017-02-04 11:34 - 2017-02-04 11:34 - 00000000 ____D C:\Users\Helenka\Andy
2017-02-04 11:34 - 2017-02-04 11:34 - 00000000 ____D C:\Users\Helenk\Andy
2017-02-04 11:34 - 2017-02-04 11:34 - 00000000 ____D C:\Users\Helenk
2017-02-04 11:24 - 2017-02-04 11:24 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign37a12e80b9d0a5ba
2017-02-04 11:18 - 2017-02-04 11:18 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsigna10886a37f4fe292
2017-02-04 11:18 - 2017-02-04 11:18 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign8e548af1ed29e347
2017-02-04 11:17 - 2017-02-04 11:17 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignf9a924637a0b91c6
2017-02-04 11:11 - 2017-02-04 11:11 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign53157a1cb68ca8ed
2017-02-04 11:06 - 2017-02-04 11:06 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsigneaf45255bdf0fc16
2017-02-04 11:05 - 2017-02-04 11:05 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign9416758e973fe8f0
2017-02-04 11:05 - 2017-02-04 11:05 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign7ab85f2896d733c4
2017-02-03 12:39 - 2017-02-03 12:39 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign99857d28011ee141
2017-02-03 12:38 - 2017-02-03 12:38 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignfc43a01f914379ab
2017-02-03 12:38 - 2017-02-03 12:38 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignb19a9667328a68e7
2017-02-03 12:38 - 2017-02-03 12:38 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign5a94667f9465603c
2017-02-03 12:38 - 2017-02-03 12:38 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign2eb10529867085d2
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-05 12:24 - 2016-04-01 13:58 - 00000000 ____D C:\Users\Helenka\Desktop\ÚDRŽBA
2017-03-05 11:24 - 2016-03-23 14:20 - 00003962 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2913751E-8255-4176-B63F-A7232F23BCFB}
2017-03-05 11:08 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-03-03 14:36 - 2016-12-25 15:29 - 00000000 ____D C:\Users\Helenka\Desktop\HRY
2017-03-03 14:36 - 2016-11-19 11:25 - 00000000 ____D C:\Rust
2017-03-03 11:30 - 2016-10-18 16:03 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2520944081-2684202109-2728405321-1001
2017-03-03 11:12 - 2017-01-21 10:46 - 00000000 ____D C:\Program Files (x86)\Steam
2017-03-03 11:02 - 2016-10-29 09:01 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\uTorrent
2017-03-03 10:45 - 2017-01-21 14:42 - 00000000 ____D C:\Users\Helenka\AppData\Local\CrashDumps
2017-03-03 10:35 - 2016-10-15 16:18 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Pro
2017-03-03 10:35 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2017-03-03 10:32 - 2017-01-21 17:36 - 00000000 ____D C:\Program Files (x86)\AirDroid
2017-03-03 10:29 - 2016-03-23 14:12 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-03 10:12 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-03 10:10 - 2017-01-21 17:39 - 00993608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-03-03 10:10 - 2017-01-21 17:39 - 00547904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-03-03 10:10 - 2017-01-21 17:39 - 00337592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-03-03 10:10 - 2017-01-21 17:39 - 00162528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-03-03 10:10 - 2017-01-21 17:39 - 00126600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-03-03 10:10 - 2017-01-21 17:39 - 00100640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-03-03 10:10 - 2017-01-21 17:39 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-03-03 10:10 - 2017-01-21 17:39 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-03-01 19:27 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-03-01 14:28 - 2017-01-14 17:22 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-03-01 14:21 - 2016-03-19 14:53 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-03-01 14:17 - 2016-03-19 14:53 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-03-01 14:13 - 2017-01-21 17:49 - 00001139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-03-01 14:13 - 2016-12-17 15:36 - 00001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2017.lnk
2017-03-01 14:13 - 2016-11-29 18:34 - 00001501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frontier Launchpad.lnk
2017-03-01 14:13 - 2016-10-28 10:05 - 00002179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-01 14:13 - 2016-04-15 11:00 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-03-01 14:13 - 2016-03-23 14:07 - 00001430 _____ C:\Users\Helenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-03-01 14:13 - 2016-03-22 23:19 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-03-01 14:13 - 2016-03-22 23:13 - 00000469 _____ C:\Users\Helenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2017-03-01 14:13 - 2016-03-22 23:13 - 00000467 _____ C:\Users\Helenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2017-03-01 14:13 - 2016-03-19 12:38 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-03-01 14:13 - 2016-03-18 17:53 - 00002133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Norton Online Backup.lnk
2017-03-01 14:13 - 2016-03-18 17:50 - 00001984 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2017-03-01 14:13 - 2013-03-12 17:30 - 00002636 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk
2017-02-28 21:24 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2017-02-28 21:19 - 2016-03-24 09:44 - 00000000 ____D C:\Users\Helenka\Documents\UCE
2017-02-28 21:18 - 2016-03-24 09:41 - 00000000 ____D C:\Users\Helenka\AppData\Local\Deployment
2017-02-28 21:12 - 2016-10-29 09:01 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2017-02-28 21:05 - 2016-11-02 15:02 - 00000000 ____D C:\Program Files (x86)\Prison Architect
2017-02-28 19:57 - 2016-10-26 17:46 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-28 19:50 - 2016-03-22 23:13 - 00000000 ____D C:\Users\Helenka
2017-02-28 19:48 - 2013-08-22 15:44 - 05119360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-28 19:46 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2017-02-28 19:45 - 2017-01-21 17:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-02-28 19:45 - 2017-01-21 10:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-02-28 19:45 - 2016-09-05 07:18 - 00000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller
2017-02-28 19:45 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-28 19:45 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-02-28 19:42 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-28 19:34 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\registration
2017-02-28 19:32 - 2017-01-14 17:22 - 00000000 ____D C:\Users\Helenka\AppData\Local\Roblox
2017-02-27 13:26 - 2016-03-19 17:25 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\.minecraft
2017-02-21 09:57 - 2017-01-21 17:50 - 00000000 ____D C:\Users\Helenka\AppData\LocalLow\Mozilla
2017-02-16 17:37 - 2017-01-31 16:49 - 00000000 ____D C:\Program Files (x86)\Kingo ROOT
2017-02-16 17:37 - 2013-03-12 18:01 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-16 17:36 - 2016-10-30 10:39 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2017-02-16 15:25 - 2017-01-31 17:32 - 00000000 ____D C:\Users\Helenka\.android
2017-02-16 14:48 - 2014-11-21 05:53 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-16 14:48 - 2014-11-21 05:10 - 00739924 _____ C:\WINDOWS\system32\perfh005.dat
2017-02-16 14:48 - 2014-11-21 05:10 - 00151610 _____ C:\WINDOWS\system32\perfc005.dat
2017-02-16 14:17 - 2016-10-15 16:19 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\DAEMON Tools Pro
2017-02-14 18:15 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-06 20:41 - 2016-11-12 12:16 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:41 - 2016-11-12 12:16 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2017-02-21 08:58 - 2017-02-23 16:41 - 0002368 _____ () C:\Program Files (x86)\metadata
2016-11-14 20:23 - 2016-11-14 20:23 - 0000014 _____ () C:\Users\Helenka\AppData\Roaming\dmcusername.file
2016-03-29 19:55 - 2016-03-29 19:55 - 0050304 _____ () C:\Users\Helenka\AppData\Roaming\gtk20.mo.id_c05a2ddbccba96cf_email_zeta@dr.com.scl
2016-11-14 20:17 - 2016-11-14 20:17 - 0000000 _____ () C:\Users\Helenka\AppData\Roaming\pof.exact
2016-03-27 21:25 - 2016-03-27 21:25 - 0001960 _____ () C:\Users\Helenka\AppData\Roaming\SeleniumCisternaFronton
2014-10-07 05:39 - 2014-10-07 05:39 - 0011264 _____ () C:\Users\Helenka\AppData\Roaming\System.dll
2016-05-04 16:12 - 2016-05-04 16:12 - 0000003 _____ () C:\Users\Helenka\AppData\Local\updater.log
2016-05-04 16:12 - 2016-08-06 20:36 - 0000424 _____ () C:\Users\Helenka\AppData\Local\UserProducts.xml
2017-01-31 16:50 - 2017-01-31 16:50 - 0000185 _____ () C:\Users\Helenka\AppData\Local\uts.ini
2016-03-18 17:18 - 2016-03-18 17:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
2017-01-21 12:21 - 2017-01-21 12:21 - 0321024 _____ () C:\Users\Helenka\AppData\Local\Temp\2ce83b48-6995-4a17-8074-68fc477a651e_x86.exe
2017-01-21 12:10 - 2017-01-21 12:10 - 0739904 _____ (Oracle Corporation) C:\Users\Helenka\AppData\Local\Temp\jre-8u121-windows-au.exe
2016-10-19 16:11 - 2016-10-19 16:11 - 2458672 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\Helenka\AppData\Local\Temp\libeay32.dll
2016-10-19 16:11 - 2016-10-19 16:11 - 0970912 _____ (Microsoft Corporation) C:\Users\Helenka\AppData\Local\Temp\msvcr120.dll
2017-02-05 10:49 - 2017-02-02 16:56 - 1342792 _____ (Andy OS, inc.) C:\Users\Helenka\AppData\Local\Temp\RemoveTemp.exe
2017-02-04 11:37 - 2017-02-04 11:37 - 1214528 _____ (Andy OS, inc.) C:\Users\Helenka\AppData\Local\Temp\SetAPK.exe
2016-10-19 16:11 - 2016-10-19 16:11 - 0772672 _____ () C:\Users\Helenka\AppData\Local\Temp\sqlite3.dll
2017-01-21 12:13 - 2017-01-21 14:35 - 0663658 _____ () C:\Users\Helenka\AppData\Local\Temp\Uninstall.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
ATTENTION: ==> Could not access BCD.
LastRegBack: 2017-02-25 17:25
==================== End of FRST.txt ============================
Ran by Helenka (administrator) on DOMA (05-03-2017 12:24:55)
Running from C:\Users\Helenka\Desktop\ÚDRŽBA
Loaded Profiles: Helenka (Available Profiles: Helenka)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
() C:\Windows\SysWOW64\spdsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtPreLoad.exe [64640 2013-01-28] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169744 2015-09-12] (Apple Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [903384 2013-07-24] (Conexant Systems, Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-03] (AVAST Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] (Qualcomm Atheros Commnucations)
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd)
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-19] (Valve Corporation)
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {0c4bd6aa-b710-11e6-bea7-089e01400cec} - "E:\autorun.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {4651e03c-df23-11e6-bead-806e6f6e6963} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {59627320-ca0a-11e6-beab-089e01400cec} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {ba04a953-ed21-11e5-be69-806e6f6e6963} - "D:\Setup.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {cb6f8045-dfe3-11e6-beb1-089e01400cec} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {eff2e197-8fbc-11e6-be92-089e01400cec} - "F:\Setup.exe"
HKLM\...\Providers\Internet Print Provider: inetpp.dll
HKLM\...\Providers\LanMan Print Services: win32spl.dll
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-03] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-03] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2017-03-01]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk [2017-03-01]
Startup: C:\Users\Helenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk [2017-03-01]
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 185.97.254.158 api.facepunch.com
Tcpip\Parameters: [DhcpNameServer] 82.144.128.1 82.144.129.1
Tcpip\..\Interfaces\{6E729190-5055-4A76-BB8B-3DEFC60ADD76}: [DhcpNameServer] 82.144.128.1 82.144.129.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.cz/
SearchScopes: HKU\S-1-5-21-2520944081-2684202109-2728405321-1001 -> DefaultScope {4B7AB1A7-9E69-4413-BBB0-50F38FBC11F0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2520944081-2684202109-2728405321-1001 -> {4B7AB1A7-9E69-4413-BBB0-50F38FBC11F0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2520944081-2684202109-2728405321-1001 -> {BD63004A-89AC-488F-8A5A-D4311713A735} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-01] (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll [2013-01-28] (Qualcomm Atheros Commnucations)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-21] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: taoywzw4.default
FF ProfilePath: C:\Users\Helenka\AppData\Roaming\Mozilla\Firefox\Profiles\taoywzw4.default [2017-02-28]
FF Extension: (MEGA) - C:\Users\Helenka\AppData\Roaming\Mozilla\Firefox\Profiles\taoywzw4.default\Extensions\firefox@mega.co.nz.xpi [2017-01-21]
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-01] (Oracle Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-21] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2016-09-01] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2520944081-2684202109-2728405321-1001: @nsroblox.roblox.com/launcher -> C:\Users\Helenka\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2520944081-2684202109-2728405321-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\Helenka\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR Profile: C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-03-05] <==== ATTENTION
CHR Extension: (Dokumenty Google) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-16]
CHR Extension: (Chrome Media Router) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-16]
CHR Profile: C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default [2017-02-16]
CHR Extension: (Prezentace Google) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-28]
CHR Extension: (Dokumenty Google) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-28]
CHR Extension: (Disk Google) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-28]
CHR Extension: (YouTube) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-28]
CHR Extension: (Adblock Plus) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-01-21]
CHR Extension: (Kalendář Google) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-07]
CHR Extension: (Tabulky Google) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-20]
CHR Extension: (Gmail) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-03]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-03] (AVAST Software s.r.o.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-03] (AVAST Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2449552 2012-10-25] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [227104 2016-07-21] (EasyAntiCheat Ltd)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-03] (NTI Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2016-03-18] (Dritek System INC.)
R2 Samsung Network Fax Server; C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxServer64.exe [801472 2015-03-10] (Samsung Electronics Co., Ltd.)
R2 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [499000 2016-07-17] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2016-03-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2016-03-22] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
S2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [309272 2017-03-03] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-03-03] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334600 2017-03-03] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-03-03] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-03-03] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [126600 2017-03-03] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [100640 2017-03-03] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-03-03] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [993608 2017-03-03] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [547904 2017-03-03] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [162528 2017-03-03] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [337592 2017-03-03] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdW86.sys [91648 2012-08-21] (Advanced Micro Devices)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [311968 2016-04-07] ()
S3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-28] (Qualcomm Atheros)
R1 ccSet_NARA; C:\WINDOWS\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18816 2016-11-25] (Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-10-16] (REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Huawei Technologies Co., Ltd.)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [43168 2016-04-07] ()
R3 Ps2Kb2Hid; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [26736 2016-03-18] (Dritek System Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2016-03-22] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2016-03-22] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2016-03-22] (Microsoft Corporation)
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-03 10:55 - 2017-03-03 10:59 - 00000000 ____D C:\Users\Helenka\Downloads\Factorio 14.21
2017-03-03 10:55 - 2017-03-03 10:55 - 00012074 _____ C:\Users\Helenka\Downloads\[CzT]Factorio_v0_14_21_x86_x64_2016_CZ_EN_Win_Linux_.torrent
2017-03-03 10:50 - 2017-03-03 10:50 - 00001418 _____ C:\Users\Helenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\chrome.lnk
2017-03-03 10:46 - 2017-03-03 10:46 - 00000942 _____ C:\Users\Helenka\Desktop\Downloads.lnk
2017-03-03 10:41 - 2017-03-03 10:48 - 3091825564 _____ C:\Users\Helenka\Downloads\Rust Devblog 150.zip
2017-03-03 10:32 - 2017-03-03 10:32 - 00000027 _____ C:\Settings.ini
2017-03-03 10:18 - 2017-03-03 10:25 - 00000000 ____D C:\ProgramData\HitmanPro
2017-03-03 10:14 - 2017-03-03 10:14 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-03 10:10 - 2017-03-03 10:10 - 00398408 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-03-03 10:10 - 2017-03-03 10:10 - 00003914 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-03-03 10:10 - 2017-03-03 10:09 - 00334600 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-03-03 10:10 - 2017-03-03 10:09 - 00309272 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-03-03 10:10 - 2017-03-03 10:09 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-03-03 10:10 - 2017-03-03 10:09 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-03-01 20:20 - 2017-03-01 20:24 - 00000000 ____D C:\AdwCleaner
2017-03-01 14:52 - 2017-03-01 14:52 - 00000943 _____ C:\Users\Public\Desktop\Steam.lnk
2017-03-01 14:40 - 2017-03-01 14:40 - 00000000 ____D C:\Program Files (x86)\trend micro
2017-03-01 14:39 - 2017-03-01 14:41 - 00000000 ____D C:\Program Files\trend micro
2017-03-01 14:36 - 2017-03-05 12:24 - 00000000 ____D C:\FRST
2017-02-28 19:50 - 2017-02-28 19:50 - 00000000 ____D C:\Program Files\d6xr5dra
2017-02-28 19:07 - 2017-02-28 19:07 - 00000000 ____D C:\Program Files (x86)\Roblox
2017-02-28 15:12 - 2017-02-28 15:12 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignc09dc6f9b54e61be
2017-02-28 15:12 - 2017-02-28 15:12 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign52d941e8a60fe453
2017-02-28 15:12 - 2017-02-28 15:12 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign217c8aa3415ed6db
2017-02-28 15:07 - 2017-02-28 15:07 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignc916e49dff10a768
2017-02-28 15:06 - 2017-02-28 15:06 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign78991dca011c406e
2017-02-28 15:04 - 2017-02-28 15:04 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign35543eccefd88b80
2017-02-28 15:03 - 2017-02-28 15:03 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsigndeadfe53c82375c5
2017-02-28 15:02 - 2017-02-28 15:02 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignba2f8e3179cf541d
2017-02-28 15:02 - 2017-02-28 15:02 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign9fac53ad27915299
2017-02-21 08:58 - 2017-02-23 16:41 - 00002368 _____ C:\Program Files (x86)\metadata
2017-02-20 19:37 - 2017-02-20 19:37 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\Firefox
2017-02-20 19:37 - 2017-02-20 19:37 - 00000000 ____D C:\Users\Helenka\AppData\Local\Firefox
2017-02-18 13:02 - 2017-02-18 13:02 - 00000000 ____D C:\Users\Helenka\AppData\LocalLow\Smartly Dressed Games
2017-02-17 15:06 - 2017-02-28 19:45 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\GetRightToGo
2017-02-17 12:50 - 2017-02-28 20:54 - 00000000 ____D C:\Program Files (x86)\d6xr5dra
2017-02-16 18:13 - 2017-02-17 14:34 - 00000000 ____D C:\Users\Helenka\Documents\GTA San Andreas User Files
2017-02-16 17:42 - 2017-02-16 17:42 - 00000000 ____D C:\Users\Helenka\Documents\GTA Vice City User Files
2017-02-16 17:37 - 2017-02-16 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2017-02-16 14:54 - 2017-02-16 14:59 - 00000000 ____D C:\Users\Helenka\AppData\Local\Fagertain
2017-02-16 14:44 - 2017-02-16 14:44 - 00000000 ____D C:\Program Files\Common Files\Atheros
2017-02-16 14:40 - 2015-01-06 04:01 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2017-02-16 14:40 - 2015-01-06 03:59 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2017-02-16 14:40 - 2015-01-06 02:12 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2017-02-16 14:40 - 2015-01-06 02:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2017-02-16 14:39 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2017-02-16 14:39 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2017-02-16 14:39 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2017-02-16 14:39 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2017-02-16 14:39 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2017-02-16 14:39 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2017-02-16 14:39 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2017-02-16 14:39 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2017-02-16 14:39 - 2015-06-09 23:39 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2017-02-16 14:39 - 2015-06-09 23:39 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2017-02-16 14:39 - 2015-06-09 23:38 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-02-14 18:33 - 2017-02-14 18:33 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign2296590078b5e7ae
2017-02-14 18:32 - 2017-02-14 18:32 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignedd47d57ec5bd248
2017-02-14 18:32 - 2017-02-14 18:32 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign888540c9561f0931
2017-02-14 18:32 - 2017-02-14 18:32 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign5667d3375895e8e3
2017-02-14 18:30 - 2017-02-14 18:30 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign301175d1a80dcbea
2017-02-14 18:27 - 2017-02-14 18:27 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign427b32ca5a614424
2017-02-14 18:25 - 2017-02-14 18:25 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign9c0f021eb6fbaa61
2017-02-14 18:24 - 2017-02-14 18:24 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignf614c0408a71828c
2017-02-14 18:24 - 2017-02-14 18:24 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign0b27521e5b84870d
2017-02-14 18:22 - 2017-02-14 18:22 - 00000000 ____D C:\Users\Helenka\Documents\Moje palety
2017-02-14 18:18 - 2017-02-14 18:38 - 00000000 ____D C:\Users\Helenka\Documents\Corel
2017-02-14 18:16 - 2017-02-14 18:18 - 00000000 ____D C:\ProgramData\Protexis64
2017-02-14 18:16 - 2017-02-14 18:17 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\Corel
2017-02-14 18:13 - 2017-02-14 18:13 - 00000000 ____D C:\Program Files\Common Files\Protexis
2017-02-14 18:13 - 2017-02-14 18:13 - 00000000 ____D C:\Program Files\Common Files\Corel
2017-02-14 18:12 - 2017-02-14 18:12 - 00000000 ____D C:\Users\Public\Documents\Corel
2017-02-14 18:11 - 2017-02-14 18:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)
2017-02-14 18:10 - 2017-02-14 18:22 - 00000000 ____D C:\ProgramData\Corel
2017-02-14 18:10 - 2017-02-14 18:10 - 00000000 ____D C:\Program Files\Corel
2017-02-14 18:09 - 2017-02-14 18:16 - 00000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X7 x64
2017-02-13 19:11 - 2017-02-13 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-02-09 15:38 - 2017-02-09 15:38 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign159db5a12a1b4458
2017-02-09 15:34 - 2017-02-09 15:34 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign2e0d1f449035f999
2017-02-09 15:33 - 2017-02-09 15:33 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsigne4353cd72dab39c1
2017-02-09 15:33 - 2017-02-09 15:33 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign416b0962cd957a3c
2017-02-09 15:17 - 2017-02-09 15:17 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign45af800af66706ec
2017-02-09 15:10 - 2017-02-09 15:10 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignb6843e5215a60fce
2017-02-09 15:10 - 2017-02-09 15:10 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsigna0f9ada621f7a0da
2017-02-09 15:10 - 2017-02-09 15:10 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign1b69d86ae2371a9d
2017-02-09 14:26 - 2017-02-09 14:26 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignf5d201c99aadad2b
2017-02-09 14:26 - 2017-02-09 14:26 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign861a54750adccc38
2017-02-09 14:25 - 2017-02-09 14:25 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign3d1fee0e62ac8541
2017-02-09 14:25 - 2017-02-09 14:25 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign284b588a449ceb0d
2017-02-05 11:08 - 2017-02-05 11:08 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\.mono
2017-02-05 11:08 - 2017-02-05 11:08 - 00000000 ____D C:\Users\Helenka\AppData\Local\Colossal Order
2017-02-05 11:08 - 2017-02-05 11:08 - 00000000 ____D C:\ProgramData\.mono
2017-02-05 11:05 - 2017-02-05 11:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cities Skylines
2017-02-05 10:42 - 2017-02-05 11:09 - 00000000 ____D C:\Program Files (x86)\Cities Skylines
2017-02-04 11:49 - 2017-02-05 10:49 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\VMware
2017-02-04 11:48 - 2017-02-04 11:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Andy
2017-02-04 11:44 - 2016-11-11 23:16 - 00052288 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmkbd.sys
2017-02-04 11:43 - 2017-02-04 11:43 - 01772950 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-02-04 11:34 - 2017-02-05 10:55 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\Andy
2017-02-04 11:34 - 2017-02-04 11:34 - 00000000 ____D C:\Users\Helenka\Andy
2017-02-04 11:34 - 2017-02-04 11:34 - 00000000 ____D C:\Users\Helenk\Andy
2017-02-04 11:34 - 2017-02-04 11:34 - 00000000 ____D C:\Users\Helenk
2017-02-04 11:24 - 2017-02-04 11:24 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign37a12e80b9d0a5ba
2017-02-04 11:18 - 2017-02-04 11:18 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsigna10886a37f4fe292
2017-02-04 11:18 - 2017-02-04 11:18 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign8e548af1ed29e347
2017-02-04 11:17 - 2017-02-04 11:17 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignf9a924637a0b91c6
2017-02-04 11:11 - 2017-02-04 11:11 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign53157a1cb68ca8ed
2017-02-04 11:06 - 2017-02-04 11:06 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsigneaf45255bdf0fc16
2017-02-04 11:05 - 2017-02-04 11:05 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign9416758e973fe8f0
2017-02-04 11:05 - 2017-02-04 11:05 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign7ab85f2896d733c4
2017-02-03 12:39 - 2017-02-03 12:39 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign99857d28011ee141
2017-02-03 12:38 - 2017-02-03 12:38 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignfc43a01f914379ab
2017-02-03 12:38 - 2017-02-03 12:38 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsignb19a9667328a68e7
2017-02-03 12:38 - 2017-02-03 12:38 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign5a94667f9465603c
2017-02-03 12:38 - 2017-02-03 12:38 - 00000000 ____D C:\Users\Helenka\AppData\Local\Tempzxpsign2eb10529867085d2
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-05 12:24 - 2016-04-01 13:58 - 00000000 ____D C:\Users\Helenka\Desktop\ÚDRŽBA
2017-03-05 11:24 - 2016-03-23 14:20 - 00003962 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2913751E-8255-4176-B63F-A7232F23BCFB}
2017-03-05 11:08 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-03-03 14:36 - 2016-12-25 15:29 - 00000000 ____D C:\Users\Helenka\Desktop\HRY
2017-03-03 14:36 - 2016-11-19 11:25 - 00000000 ____D C:\Rust
2017-03-03 11:30 - 2016-10-18 16:03 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2520944081-2684202109-2728405321-1001
2017-03-03 11:12 - 2017-01-21 10:46 - 00000000 ____D C:\Program Files (x86)\Steam
2017-03-03 11:02 - 2016-10-29 09:01 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\uTorrent
2017-03-03 10:45 - 2017-01-21 14:42 - 00000000 ____D C:\Users\Helenka\AppData\Local\CrashDumps
2017-03-03 10:35 - 2016-10-15 16:18 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Pro
2017-03-03 10:35 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2017-03-03 10:32 - 2017-01-21 17:36 - 00000000 ____D C:\Program Files (x86)\AirDroid
2017-03-03 10:29 - 2016-03-23 14:12 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-03 10:12 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-03 10:10 - 2017-01-21 17:39 - 00993608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-03-03 10:10 - 2017-01-21 17:39 - 00547904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-03-03 10:10 - 2017-01-21 17:39 - 00337592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-03-03 10:10 - 2017-01-21 17:39 - 00162528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-03-03 10:10 - 2017-01-21 17:39 - 00126600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-03-03 10:10 - 2017-01-21 17:39 - 00100640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-03-03 10:10 - 2017-01-21 17:39 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-03-03 10:10 - 2017-01-21 17:39 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-03-01 19:27 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-03-01 14:28 - 2017-01-14 17:22 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-03-01 14:21 - 2016-03-19 14:53 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-03-01 14:17 - 2016-03-19 14:53 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-03-01 14:13 - 2017-01-21 17:49 - 00001139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-03-01 14:13 - 2016-12-17 15:36 - 00001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2017.lnk
2017-03-01 14:13 - 2016-11-29 18:34 - 00001501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frontier Launchpad.lnk
2017-03-01 14:13 - 2016-10-28 10:05 - 00002179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-01 14:13 - 2016-04-15 11:00 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-03-01 14:13 - 2016-03-23 14:07 - 00001430 _____ C:\Users\Helenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-03-01 14:13 - 2016-03-22 23:19 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-03-01 14:13 - 2016-03-22 23:13 - 00000469 _____ C:\Users\Helenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2017-03-01 14:13 - 2016-03-22 23:13 - 00000467 _____ C:\Users\Helenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2017-03-01 14:13 - 2016-03-19 12:38 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-03-01 14:13 - 2016-03-18 17:53 - 00002133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Norton Online Backup.lnk
2017-03-01 14:13 - 2016-03-18 17:50 - 00001984 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2017-03-01 14:13 - 2013-03-12 17:30 - 00002636 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk
2017-02-28 21:24 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2017-02-28 21:19 - 2016-03-24 09:44 - 00000000 ____D C:\Users\Helenka\Documents\UCE
2017-02-28 21:18 - 2016-03-24 09:41 - 00000000 ____D C:\Users\Helenka\AppData\Local\Deployment
2017-02-28 21:12 - 2016-10-29 09:01 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2017-02-28 21:05 - 2016-11-02 15:02 - 00000000 ____D C:\Program Files (x86)\Prison Architect
2017-02-28 19:57 - 2016-10-26 17:46 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-28 19:50 - 2016-03-22 23:13 - 00000000 ____D C:\Users\Helenka
2017-02-28 19:48 - 2013-08-22 15:44 - 05119360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-28 19:46 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2017-02-28 19:45 - 2017-01-21 17:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-02-28 19:45 - 2017-01-21 10:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-02-28 19:45 - 2016-09-05 07:18 - 00000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller
2017-02-28 19:45 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-28 19:45 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-02-28 19:42 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-28 19:34 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\registration
2017-02-28 19:32 - 2017-01-14 17:22 - 00000000 ____D C:\Users\Helenka\AppData\Local\Roblox
2017-02-27 13:26 - 2016-03-19 17:25 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\.minecraft
2017-02-21 09:57 - 2017-01-21 17:50 - 00000000 ____D C:\Users\Helenka\AppData\LocalLow\Mozilla
2017-02-16 17:37 - 2017-01-31 16:49 - 00000000 ____D C:\Program Files (x86)\Kingo ROOT
2017-02-16 17:37 - 2013-03-12 18:01 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-16 17:36 - 2016-10-30 10:39 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2017-02-16 15:25 - 2017-01-31 17:32 - 00000000 ____D C:\Users\Helenka\.android
2017-02-16 14:48 - 2014-11-21 05:53 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-16 14:48 - 2014-11-21 05:10 - 00739924 _____ C:\WINDOWS\system32\perfh005.dat
2017-02-16 14:48 - 2014-11-21 05:10 - 00151610 _____ C:\WINDOWS\system32\perfc005.dat
2017-02-16 14:17 - 2016-10-15 16:19 - 00000000 ____D C:\Users\Helenka\AppData\Roaming\DAEMON Tools Pro
2017-02-14 18:15 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-06 20:41 - 2016-11-12 12:16 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:41 - 2016-11-12 12:16 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2017-02-21 08:58 - 2017-02-23 16:41 - 0002368 _____ () C:\Program Files (x86)\metadata
2016-11-14 20:23 - 2016-11-14 20:23 - 0000014 _____ () C:\Users\Helenka\AppData\Roaming\dmcusername.file
2016-03-29 19:55 - 2016-03-29 19:55 - 0050304 _____ () C:\Users\Helenka\AppData\Roaming\gtk20.mo.id_c05a2ddbccba96cf_email_zeta@dr.com.scl
2016-11-14 20:17 - 2016-11-14 20:17 - 0000000 _____ () C:\Users\Helenka\AppData\Roaming\pof.exact
2016-03-27 21:25 - 2016-03-27 21:25 - 0001960 _____ () C:\Users\Helenka\AppData\Roaming\SeleniumCisternaFronton
2014-10-07 05:39 - 2014-10-07 05:39 - 0011264 _____ () C:\Users\Helenka\AppData\Roaming\System.dll
2016-05-04 16:12 - 2016-05-04 16:12 - 0000003 _____ () C:\Users\Helenka\AppData\Local\updater.log
2016-05-04 16:12 - 2016-08-06 20:36 - 0000424 _____ () C:\Users\Helenka\AppData\Local\UserProducts.xml
2017-01-31 16:50 - 2017-01-31 16:50 - 0000185 _____ () C:\Users\Helenka\AppData\Local\uts.ini
2016-03-18 17:18 - 2016-03-18 17:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
2017-01-21 12:21 - 2017-01-21 12:21 - 0321024 _____ () C:\Users\Helenka\AppData\Local\Temp\2ce83b48-6995-4a17-8074-68fc477a651e_x86.exe
2017-01-21 12:10 - 2017-01-21 12:10 - 0739904 _____ (Oracle Corporation) C:\Users\Helenka\AppData\Local\Temp\jre-8u121-windows-au.exe
2016-10-19 16:11 - 2016-10-19 16:11 - 2458672 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\Helenka\AppData\Local\Temp\libeay32.dll
2016-10-19 16:11 - 2016-10-19 16:11 - 0970912 _____ (Microsoft Corporation) C:\Users\Helenka\AppData\Local\Temp\msvcr120.dll
2017-02-05 10:49 - 2017-02-02 16:56 - 1342792 _____ (Andy OS, inc.) C:\Users\Helenka\AppData\Local\Temp\RemoveTemp.exe
2017-02-04 11:37 - 2017-02-04 11:37 - 1214528 _____ (Andy OS, inc.) C:\Users\Helenka\AppData\Local\Temp\SetAPK.exe
2016-10-19 16:11 - 2016-10-19 16:11 - 0772672 _____ () C:\Users\Helenka\AppData\Local\Temp\sqlite3.dll
2017-01-21 12:13 - 2017-01-21 14:35 - 0663658 _____ () C:\Users\Helenka\AppData\Local\Temp\Uninstall.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
ATTENTION: ==> Could not access BCD.
LastRegBack: 2017-02-25 17:25
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Počítač se chová divně :-)
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\Helenka\Desktop\ÚDRŽBA jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {0c4bd6aa-b710-11e6-bea7-089e01400cec} - "E:\autorun.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {4651e03c-df23-11e6-bead-806e6f6e6963} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {59627320-ca0a-11e6-beab-089e01400cec} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {ba04a953-ed21-11e5-be69-806e6f6e6963} - "D:\Setup.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {cb6f8045-dfe3-11e6-beb1-089e01400cec} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {eff2e197-8fbc-11e6-be92-089e01400cec} - "F:\Setup.exe"
SearchScopes: HKU\S-1-5-21-2520944081-2684202109-2728405321-1001 -> DefaultScope {4B7AB1A7-9E69-4413-BBB0-50F38FBC11F0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2520944081-2684202109-2728405321-1001 -> {4B7AB1A7-9E69-4413-BBB0-50F38FBC11F0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2520944081-2684202109-2728405321-1001 -> {BD63004A-89AC-488F-8A5A-D4311713A735} URL =
CHR Profile: C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-03-05] <==== ATTENTION
C:\ProgramData\DP45977C.lfl
C:\Users\Helenka\AppData\Local\Temp
Task: {3D7D5F5A-FAFF-4814-A6D2-C4F60C11AF02} - \Thimilyjoboly -> No File <==== ATTENTION
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Počítač se chová divně :-)
Ze všech zástupců jsou bílé čtverečky.... :-/
Fix result of Farbar Recovery Scan Tool (x64) Version: 05-03-2017
Ran by Helenka (05-03-2017 19:14:47) Run:1
Running from C:\Users\Helenka\Desktop\ÚDRŽBA
Loaded Profiles: Helenka (Available Profiles: Helenka)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {0c4bd6aa-b710-11e6-bea7-089e01400cec} - "E:\autorun.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {4651e03c-df23-11e6-bead-806e6f6e6963} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {59627320-ca0a-11e6-beab-089e01400cec} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {ba04a953-ed21-11e5-be69-806e6f6e6963} - "D:\Setup.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {cb6f8045-dfe3-11e6-beb1-089e01400cec} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {eff2e197-8fbc-11e6-be92-089e01400cec} - "F:\Setup.exe"
SearchScopes: HKU\S-1-5-21-2520944081-2684202109-2728405321-1001 -> DefaultScope {4B7AB1A7-9E69-4413-BBB0-50F38FBC11F0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2520944081-2684202109-2728405321-1001 -> {4B7AB1A7-9E69-4413-BBB0-50F38FBC11F0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2520944081-2684202109-2728405321-1001 -> {BD63004A-89AC-488F-8A5A-D4311713A735} URL =
CHR Profile: C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-03-05] <==== ATTENTION
C:\ProgramData\DP45977C.lfl
C:\Users\Helenka\AppData\Local\Temp
Task: {3D7D5F5A-FAFF-4814-A6D2-C4F60C11AF02} - \Thimilyjoboly -> No File <==== ATTENTION
EmptyTemp:
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0c4bd6aa-b710-11e6-bea7-089e01400cec} => key removed successfully
HKCR\CLSID\{0c4bd6aa-b710-11e6-bea7-089e01400cec} => key not found.
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4651e03c-df23-11e6-bead-806e6f6e6963} => key removed successfully
HKCR\CLSID\{4651e03c-df23-11e6-bead-806e6f6e6963} => key not found.
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{59627320-ca0a-11e6-beab-089e01400cec} => key removed successfully
HKCR\CLSID\{59627320-ca0a-11e6-beab-089e01400cec} => key not found.
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ba04a953-ed21-11e5-be69-806e6f6e6963} => key removed successfully
HKCR\CLSID\{ba04a953-ed21-11e5-be69-806e6f6e6963} => key not found.
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cb6f8045-dfe3-11e6-beb1-089e01400cec} => key removed successfully
HKCR\CLSID\{cb6f8045-dfe3-11e6-beb1-089e01400cec} => key not found.
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eff2e197-8fbc-11e6-be92-089e01400cec} => key removed successfully
HKCR\CLSID\{eff2e197-8fbc-11e6-be92-089e01400cec} => key not found.
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4B7AB1A7-9E69-4413-BBB0-50F38FBC11F0} => key removed successfully
HKCR\CLSID\{4B7AB1A7-9E69-4413-BBB0-50F38FBC11F0} => key not found.
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BD63004A-89AC-488F-8A5A-D4311713A735} => key removed successfully
HKCR\CLSID\{BD63004A-89AC-488F-8A5A-D4311713A735} => key not found.
C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.
C:\Users\Helenka\AppData\Local\Temp => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D7D5F5A-FAFF-4814-A6D2-C4F60C11AF02} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D7D5F5A-FAFF-4814-A6D2-C4F60C11AF02} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Thimilyjoboly => key removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12660044 B
Java, Flash, Steam htmlcache => 52494460 B
Windows/system/drivers => 40823020 B
Edge => 0 B
Chrome => 435728924 B
Firefox => 11304437 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 134 B
systemprofile32 => 432 B
LocalService => 65340 B
NetworkService => 4817680 B
Helenka => 142093676 B
RecycleBin => 55571 B
EmptyTemp: => 675.6 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 05-03-2017 19:33:25)
C:\ProgramData\DP45977C.lfl => Is moved successfully
==== End of Fixlog 19:33:25 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 05-03-2017
Ran by Helenka (05-03-2017 19:14:47) Run:1
Running from C:\Users\Helenka\Desktop\ÚDRŽBA
Loaded Profiles: Helenka (Available Profiles: Helenka)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {0c4bd6aa-b710-11e6-bea7-089e01400cec} - "E:\autorun.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {4651e03c-df23-11e6-bead-806e6f6e6963} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {59627320-ca0a-11e6-beab-089e01400cec} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {ba04a953-ed21-11e5-be69-806e6f6e6963} - "D:\Setup.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {cb6f8045-dfe3-11e6-beb1-089e01400cec} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\...\MountPoints2: {eff2e197-8fbc-11e6-be92-089e01400cec} - "F:\Setup.exe"
SearchScopes: HKU\S-1-5-21-2520944081-2684202109-2728405321-1001 -> DefaultScope {4B7AB1A7-9E69-4413-BBB0-50F38FBC11F0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2520944081-2684202109-2728405321-1001 -> {4B7AB1A7-9E69-4413-BBB0-50F38FBC11F0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2520944081-2684202109-2728405321-1001 -> {BD63004A-89AC-488F-8A5A-D4311713A735} URL =
CHR Profile: C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-03-05] <==== ATTENTION
C:\ProgramData\DP45977C.lfl
C:\Users\Helenka\AppData\Local\Temp
Task: {3D7D5F5A-FAFF-4814-A6D2-C4F60C11AF02} - \Thimilyjoboly -> No File <==== ATTENTION
EmptyTemp:
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0c4bd6aa-b710-11e6-bea7-089e01400cec} => key removed successfully
HKCR\CLSID\{0c4bd6aa-b710-11e6-bea7-089e01400cec} => key not found.
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4651e03c-df23-11e6-bead-806e6f6e6963} => key removed successfully
HKCR\CLSID\{4651e03c-df23-11e6-bead-806e6f6e6963} => key not found.
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{59627320-ca0a-11e6-beab-089e01400cec} => key removed successfully
HKCR\CLSID\{59627320-ca0a-11e6-beab-089e01400cec} => key not found.
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ba04a953-ed21-11e5-be69-806e6f6e6963} => key removed successfully
HKCR\CLSID\{ba04a953-ed21-11e5-be69-806e6f6e6963} => key not found.
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cb6f8045-dfe3-11e6-beb1-089e01400cec} => key removed successfully
HKCR\CLSID\{cb6f8045-dfe3-11e6-beb1-089e01400cec} => key not found.
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eff2e197-8fbc-11e6-be92-089e01400cec} => key removed successfully
HKCR\CLSID\{eff2e197-8fbc-11e6-be92-089e01400cec} => key not found.
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4B7AB1A7-9E69-4413-BBB0-50F38FBC11F0} => key removed successfully
HKCR\CLSID\{4B7AB1A7-9E69-4413-BBB0-50F38FBC11F0} => key not found.
HKU\S-1-5-21-2520944081-2684202109-2728405321-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BD63004A-89AC-488F-8A5A-D4311713A735} => key removed successfully
HKCR\CLSID\{BD63004A-89AC-488F-8A5A-D4311713A735} => key not found.
C:\Users\Helenka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.
C:\Users\Helenka\AppData\Local\Temp => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D7D5F5A-FAFF-4814-A6D2-C4F60C11AF02} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D7D5F5A-FAFF-4814-A6D2-C4F60C11AF02} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Thimilyjoboly => key removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12660044 B
Java, Flash, Steam htmlcache => 52494460 B
Windows/system/drivers => 40823020 B
Edge => 0 B
Chrome => 435728924 B
Firefox => 11304437 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 134 B
systemprofile32 => 432 B
LocalService => 65340 B
NetworkService => 4817680 B
Helenka => 142093676 B
RecycleBin => 55571 B
EmptyTemp: => 675.6 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 05-03-2017 19:33:25)
C:\ProgramData\DP45977C.lfl => Is moved successfully
==== End of Fixlog 19:33:25 ====
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Počítač se chová divně :-)
OK. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?