Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Pomoc s pc? prosím

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Vicitims
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 03 říj 2018 17:21

Pomoc s pc? prosím

#1 Příspěvek od Vicitims »

Dobrý podvečer mám problém....(nejsem vědec na ochranu pc) proto v tom mám trochu bordel.Kolega mi vás doporučil že jste dobrý.....pc sem
kontrolovat spybotem na rootkit (poprvé.... ) a když to začlo skákat divil sem se že pc ještě funguje.... spybot se i 2x při kontrole na rootkit zasekl při hledání a prostě nechtěl jít dál tak zkouším vás jestli náhodou nevíte byl bych moc rád za odpověd díky moc.




Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28.09.2018
Ran by MichalTrnka (administrator) on VICITIMS (03-10-2018 18:02:35)
Running from C:\Users\Michal Trnka\Downloads
Loaded Profiles: MichalTrnka (Available Profiles: MichalTrnka)
Platform: Windows 8.1 (Update) (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Lenovo) C:\Program Files\lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
() C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe
() C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
() C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2013-12-23] (Realtek semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-15] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2015-03-24] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2015-03-24] (Lenovo(beijing) Limited)
HKLM\...\Run: [ShadowPlay] => "C:\windows\system32\rundll32.exe" C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2018-09-04] (ESET)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4174464 2017-05-23] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3207968 2018-09-08] (Valve Corporation)
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] ()
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-08-24] (Piriform Ltd)
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\RunOnce: [Uninstall C:\Users\Michal Trnka\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michal Trnka\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {28b55dde-c238-11e7-82b3-f4066995c7e2} - "F:\Setup.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {28b55fe6-c238-11e7-82b3-f4066995c7e2} - "F:\Setup.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {28b560d3-c238-11e7-82b3-f4066995c7e2} - "F:\Setup.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {7a09b9f8-8272-11e5-8265-f4066995c7e2} - "F:\autorun.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {8e53c2e0-18b1-11e6-827f-f4066995c7e2} - "G:\autorun.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {c5c49785-50c1-11e6-8286-f4066995c7e2} - "I:\setup.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {df2f3ce1-2ee9-11e6-8280-f4066995c7e2} - "H:\setup.exe"
HKU\S-1-5-18\...\Run: [] => [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bitmeter2.lnk [2015-10-18]
ShortcutTarget: Bitmeter2.lnk -> C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe ()
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{5F1EC7F4-4608-4C58-9085-29C0F99A3485}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{F7075E92-B5C9-49D7-A648-DE816D87CF41}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-118406243-1781282106-884721309-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> DefaultScope {874A607E-B5C4-458D-93AA-20A552F0EB24} URL =
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> {35E13BED-809F-4DB7-B57B-FF5BD98A771E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> {461D619A-50EE-47E1-8868-803755AEDF7B} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> {4E2526FF-EDA1-498D-90EF-B83A754638B3} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> {874A607E-B5C4-458D-93AA-20A552F0EB24} URL =
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> {8ED74BA1-FEEF-447B-AD15-7EAAEA3657B6} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> {922D5792-21AF-4002-95FC-0DB05774F8A1} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={0A0AA074-07E1-4DFF-B76F-2886E0AAED6A}&mid=0e41d442babd47cca1df254f2f712e11-78bf4ee4159c4792837b42507334e4b0b4040444&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0117tb&pr=fr&d=2016-06-19 03:32:54&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> {A8092064-11AF-4F88-B968-EC065B118701} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> {AF3C323B-DAAD-4B11-8D1D-F7F5160FE430} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> {B3EC9C1A-ACB3-440B-93DD-9BF2AA3DBA0E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> {BB110623-C8AA-462A-B149-65D5C31508B8} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-07-31] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-31] (Oracle Corporation)

FireFox:
========
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-07-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-31] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default [2018-10-03]
CHR Extension: (Prezentace) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-09-06]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-09-08]
CHR Extension: (YouTube) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tabulky) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-19]
CHR Extension: (Skype) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-09-06]
CHR Extension: (Gmail) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-13]
CHR Extension: (Chrome Media Router) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-10] ()
R2 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [529056 2017-11-20] (EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2260144 2018-09-04] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2260144 2018-09-04] (ESET)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121304 2014-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [318568 2014-08-20] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-03-24] (Lenovo(beijing) Limited)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1880864 2018-02-13] (Maxthon)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-11-21] ()
S3 npggsvc; C:\windows\SysWOW64\GameMon.des [3611808 2015-07-22] (INCA Internet Co., Ltd.)
S2 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2147216 2017-05-07] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3116440 2017-05-07] (Electronic Arts)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76152 2016-04-17] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1776864 2017-05-23] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2131760 2017-05-23] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233936 2017-05-23] (Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2015-03-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2013-11-21] (Intel® Corporation)
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\windows\System32\DRIVERS\atksgt.sys [310984 2016-08-09] ()
S3 avgTap; C:\windows\system32\DRIVERS\avgTap.sys [54888 2017-11-01] (The OpenVPN Project)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions, Inc.)
R3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1424184 2014-06-17] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\windows\System32\drivers\dtlitescsibus.sys [30264 2015-11-06] (Disc Soft Ltd)
R1 eamonm; C:\windows\System32\DRIVERS\eamonm.sys [141512 2018-09-04] (ESET)
R0 edevmon; C:\windows\System32\DRIVERS\edevmon.sys [109232 2018-09-04] (ESET)
S0 eelam; C:\windows\System32\DRIVERS\eelam.sys [15872 2018-09-04] (ESET)
R1 ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [188824 2018-09-04] (ESET)
S2 ekbdflt; C:\windows\system32\DRIVERS\ekbdflt.sys [50144 2018-09-04] (ESET)
R1 epfw; C:\windows\system32\DRIVERS\epfw.sys [82304 2018-09-04] (ESET)
R1 epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [109864 2018-09-04] (ESET)
S3 Hamachi; C:\windows\system32\DRIVERS\Hamdrv.sys [45680 2017-06-29] (LogMeIn Inc.)
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [220104 2014-08-07] (Intel Corporation)
R2 lirsgt; C:\windows\System32\DRIVERS\lirsgt.sys [42696 2016-08-09] ()
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S0 mfeelamk; C:\windows\System32\drivers\mfeelamk.sys [82072 2015-09-23] (McAfee, Inc.)
R3 NETwNb64; C:\windows\system32\DRIVERS\NETwbw02.sys [3609568 2013-12-25] (Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-07-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\windows\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\windows\System32\drivers\nvvhci.sys [57792 2017-02-23] (NVIDIA Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [9101016 2013-12-23] (Realtek Semiconductor Corp.)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11376 2016-07-23] () [File not signed]
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-12-24] (Synaptics Incorporated)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 AVFSFilter; \SystemRoot\system32\DRIVERS\avfsfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-03 18:02 - 2018-10-03 18:03 - 000026714 _____ C:\Users\Michal Trnka\Downloads\FRST.txt
2018-10-03 18:02 - 2018-10-03 18:02 - 000000000 ____D C:\FRST
2018-10-03 18:01 - 2018-10-03 18:01 - 002414080 _____ (Farbar) C:\Users\Michal Trnka\Downloads\FRST64.exe
2018-10-03 17:57 - 2018-10-03 17:57 - 000001967 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2018-10-03 17:54 - 2018-10-03 17:54 - 000000000 ____D C:\Users\Michal Trnka\AppData\Local\ESET
2018-10-03 17:53 - 2018-10-03 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-10-03 17:53 - 2018-10-03 17:53 - 000000000 ____D C:\ProgramData\ESET
2018-10-03 17:53 - 2018-10-03 17:53 - 000000000 ____D C:\Program Files\ESET
2018-10-03 17:49 - 2018-10-03 17:49 - 004279416 _____ (ESET) C:\Users\Michal Trnka\Downloads\eset_internet_security_live_installer.exe
2018-10-03 17:02 - 2018-10-03 16:21 - 000454378 _____ C:\windows\system32\Drivers\etc\hosts.20181003-170257.backup
2018-10-03 16:34 - 2018-10-03 16:34 - 000000000 _____ C:\windows\SysWOW64\last.dump
2018-10-02 20:17 - 2018-10-02 20:17 - 000000968 _____ C:\Users\Public\Desktop\Bandicam.lnk
2018-10-02 20:17 - 2018-10-02 20:17 - 000000000 ____D C:\Program Files (x86)\Bandicam
2018-10-02 20:04 - 2018-10-02 20:04 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\BANDISOFT
2018-10-01 18:55 - 2018-10-01 19:37 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\obs-studio
2018-10-01 18:55 - 2018-10-01 18:55 - 000001031 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2018-10-01 18:55 - 2018-10-01 18:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2018-10-01 18:54 - 2018-10-01 18:55 - 000000000 ____D C:\Program Files\obs-studio
2018-10-01 17:10 - 2018-10-01 17:10 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\Publish Providers
2018-10-01 17:10 - 2018-10-01 17:10 - 000000000 ____D C:\ProgramData\VEGAS Pro
2018-10-01 17:09 - 2018-10-01 17:09 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\VEGAS Pro
2018-10-01 17:09 - 2018-10-01 17:09 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\VEGAS
2018-10-01 17:09 - 2018-10-01 17:09 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\MAGIX
2018-10-01 17:09 - 2018-10-01 17:09 - 000000000 ____D C:\Users\Michal Trnka\AppData\Local\VEGAS Pro
2018-10-01 17:09 - 2018-10-01 17:09 - 000000000 ____D C:\Users\Michal Trnka\AppData\Local\Sony
2018-10-01 17:09 - 2018-10-01 17:09 - 000000000 ____D C:\ProgramData\Magix
2018-10-01 17:05 - 2018-10-03 16:51 - 000000000 ____D C:\ProgramData\VEGAS
2018-10-01 17:05 - 2018-10-01 17:05 - 000000000 ____D C:\Program Files\VEGAS
2018-10-01 17:04 - 2018-10-01 17:04 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\Sony
2018-09-12 21:30 - 2018-08-28 07:39 - 001491032 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2018-09-12 21:30 - 2018-08-28 05:46 - 001764408 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2018-09-12 21:30 - 2018-08-28 03:36 - 001311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2018-09-12 21:30 - 2018-08-28 03:36 - 000340480 _____ (Microsoft Corporation) C:\windows\SysWOW64\msexcl40.dll
2018-09-12 21:30 - 2018-08-24 01:05 - 025736704 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2018-09-12 21:30 - 2018-08-24 00:54 - 000289280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ks.sys
2018-09-12 21:30 - 2018-08-24 00:34 - 005779456 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2018-09-12 21:30 - 2018-08-23 23:40 - 001555456 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2018-09-12 21:30 - 2018-08-23 23:27 - 020279296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2018-09-12 21:30 - 2018-08-23 22:51 - 004494848 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2018-09-12 21:30 - 2018-08-23 22:27 - 001329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2018-09-12 21:30 - 2018-08-14 03:22 - 022374608 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2018-09-12 21:30 - 2018-08-14 03:19 - 019790752 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2018-09-12 21:30 - 2018-08-13 22:06 - 002530384 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2018-09-12 21:30 - 2018-08-13 22:03 - 001903744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2018-09-12 21:30 - 2018-08-13 21:32 - 001368680 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2018-09-12 21:30 - 2018-08-13 15:40 - 001754112 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2018-09-12 21:30 - 2018-08-13 15:39 - 001491968 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2018-09-12 21:30 - 2018-08-13 15:33 - 001085440 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2018-09-12 21:30 - 2018-08-12 21:23 - 007373544 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2018-09-12 21:30 - 2018-08-12 21:06 - 001676056 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2018-09-12 21:30 - 2018-08-12 21:06 - 001536120 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2018-09-12 21:30 - 2018-08-12 21:06 - 001500432 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2018-09-12 21:30 - 2018-08-12 21:06 - 001371352 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2018-09-12 21:30 - 2018-08-12 21:04 - 002451808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2018-09-12 21:30 - 2018-08-12 18:31 - 002347520 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2018-09-12 21:30 - 2018-08-12 18:06 - 001556480 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2018-09-12 21:30 - 2018-08-09 19:39 - 000113664 _____ (Microsoft Corporation) C:\windows\SysWOW64\t2embed.dll
2018-09-12 21:30 - 2018-08-09 18:41 - 000073728 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpsdrv.sys
2018-09-12 21:30 - 2018-08-09 18:39 - 000148992 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
2018-09-12 21:30 - 2018-07-29 15:44 - 001265664 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2018-09-12 21:30 - 2018-07-24 19:50 - 006522344 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
2018-09-12 21:30 - 2018-07-24 19:50 - 001488008 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2018-09-12 21:30 - 2018-07-24 19:50 - 000261408 _____ (Microsoft Corporation) C:\windows\system32\sppwinob.dll
2018-09-12 21:30 - 2018-07-24 15:45 - 000685056 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2018-09-12 21:30 - 2018-07-18 15:34 - 000101376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bowser.sys
2018-09-12 21:30 - 2018-07-06 19:14 - 000346112 _____ (Microsoft Corporation) C:\windows\system32\SessEnv.dll
2018-09-12 21:30 - 2018-07-06 18:22 - 000299520 _____ (Microsoft Corporation) C:\windows\SysWOW64\SessEnv.dll
2018-09-12 21:30 - 2018-07-06 01:17 - 001115648 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2018-09-12 21:30 - 2018-06-26 17:25 - 000425984 _____ (Microsoft Corporation) C:\windows\system32\PCPTpm12.dll
2018-09-12 21:30 - 2018-06-26 17:14 - 000367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\PCPTpm12.dll
2018-09-12 21:30 - 2018-06-21 15:31 - 001200640 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2018-09-12 21:30 - 2018-06-21 15:30 - 000868864 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2018-09-12 21:29 - 2018-08-24 00:43 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2018-09-12 21:29 - 2018-08-24 00:33 - 000794624 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2018-09-12 21:29 - 2018-08-24 00:08 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2018-09-12 21:29 - 2018-08-24 00:01 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2018-09-12 21:29 - 2018-08-24 00:00 - 015283712 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2018-09-12 21:29 - 2018-08-23 23:52 - 004510720 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2018-09-12 21:29 - 2018-08-23 23:28 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2018-09-12 21:29 - 2018-08-23 23:15 - 000497664 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2018-09-12 21:29 - 2018-08-23 23:06 - 000662016 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2018-09-12 21:29 - 2018-08-23 22:49 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2018-09-12 21:29 - 2018-08-23 22:48 - 013679616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2018-09-12 21:29 - 2018-08-23 22:44 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2018-09-12 21:29 - 2018-08-23 22:30 - 004037632 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2018-09-12 21:29 - 2018-08-23 22:24 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2018-09-12 21:29 - 2018-08-13 15:30 - 000043520 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf3216.dll
2018-09-12 21:29 - 2018-08-13 15:29 - 000057344 _____ (Microsoft Corporation) C:\windows\system32\mf3216.dll
2018-09-12 21:29 - 2018-08-09 19:40 - 000078336 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2018-09-12 21:29 - 2018-08-09 18:59 - 000543232 _____ (Microsoft Corporation) C:\windows\SysWOW64\FirewallAPI.dll
2018-09-12 21:29 - 2018-08-09 18:41 - 000096768 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2018-09-12 21:29 - 2018-06-21 15:24 - 000513456 _____ C:\windows\SysWOW64\locale.nls
2018-09-12 21:29 - 2018-06-21 15:24 - 000513456 _____ C:\windows\system32\locale.nls
2018-09-04 12:23 - 2018-09-04 12:23 - 000188824 _____ (ESET) C:\windows\system32\Drivers\ehdrv.sys
2018-09-04 12:23 - 2018-09-04 12:23 - 000141512 _____ (ESET) C:\windows\system32\Drivers\eamonm.sys
2018-09-04 12:23 - 2018-09-04 12:23 - 000109864 _____ (ESET) C:\windows\system32\Drivers\epfwwfp.sys
2018-09-04 12:23 - 2018-09-04 12:23 - 000109232 _____ (ESET) C:\windows\system32\Drivers\edevmon.sys
2018-09-04 12:23 - 2018-09-04 12:23 - 000082304 _____ (ESET) C:\windows\system32\Drivers\epfw.sys
2018-09-04 12:23 - 2018-09-04 12:23 - 000050144 _____ (ESET) C:\windows\system32\Drivers\ekbdflt.sys
2018-09-04 12:23 - 2018-09-04 12:23 - 000015872 _____ (ESET) C:\windows\system32\Drivers\eelam.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-03 18:02 - 2015-10-18 09:49 - 000000000 ____D C:\ProgramData\Bitmeter2
2018-10-03 17:54 - 2013-08-22 17:36 - 000000000 ___HD C:\windows\ELAMBKUP
2018-10-03 17:54 - 2013-08-22 15:36 - 000000000 ____D C:\windows\Inf
2018-10-03 16:54 - 2017-12-21 17:56 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2018-10-03 16:54 - 2015-10-13 02:20 - 000003594 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-118406243-1781282106-884721309-1002
2018-10-03 16:49 - 2016-06-10 10:11 - 000000000 ____D C:\Users\Michal Trnka\AppData\Local\AvgSetupLog
2018-10-03 16:49 - 2015-11-06 18:54 - 000000000 ____D C:\Program Files (x86)\AVG
2018-10-03 16:49 - 2015-11-06 18:53 - 000000000 ____D C:\ProgramData\AVG
2018-10-03 16:48 - 2015-11-06 18:51 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz
2018-10-03 16:47 - 2015-03-24 13:24 - 000000000 ____D C:\ProgramData\NVIDIA
2018-10-03 16:44 - 2015-10-17 19:12 - 000000000 ___RD C:\Users\Michal Trnka\Desktop\sračky
2018-10-03 16:43 - 2015-10-13 07:46 - 000000000 ____D C:\Program Files (x86)\Steam
2018-10-03 16:41 - 2017-01-10 19:46 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-10-03 16:40 - 2013-08-22 16:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-10-03 16:39 - 2018-03-21 17:52 - 000501552 _____ C:\windows\system32\FNTCACHE.DAT
2018-10-03 16:39 - 2015-11-06 18:54 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\AVG
2018-10-03 16:38 - 2015-03-24 14:27 - 000016896 _____ C:\windows\system32\VfService.trf
2018-10-03 16:38 - 2013-08-22 15:25 - 000262144 ___SH C:\windows\system32\config\BBI
2018-10-02 22:21 - 2016-01-20 17:28 - 000000000 ____D C:\Users\Michal Trnka\AppData\Local\Battle.net
2018-10-02 20:27 - 2016-05-15 15:10 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\uTorrent
2018-10-02 20:21 - 2018-08-15 19:17 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2018-10-02 20:21 - 2016-01-20 17:27 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-10-01 19:21 - 2016-02-07 10:18 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\vlc
2018-10-01 16:03 - 2016-03-20 14:12 - 000000000 ____D C:\Users\Michal Trnka\Downloads\Hudba
2018-10-01 16:02 - 2016-03-20 14:14 - 000000000 ____D C:\Users\Michal Trnka\Downloads\Filmy
2018-09-23 03:32 - 2017-07-27 01:53 - 000003184 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-118406243-1781282106-884721309-1002
2018-09-23 03:32 - 2016-04-23 18:21 - 000002351 _____ C:\Users\Michal Trnka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2018-09-18 16:16 - 2017-12-23 10:46 - 000002212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-18 16:16 - 2017-12-23 10:46 - 000002171 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-09-17 05:54 - 2016-11-29 00:40 - 000003852 _____ C:\windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-17 05:54 - 2016-11-29 00:38 - 000003738 _____ C:\windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-17 05:54 - 2016-11-29 00:38 - 000003494 _____ C:\windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-17 05:53 - 2018-07-03 19:57 - 000003608 _____ C:\windows\System32\Tasks\Maxthon5 Update
2018-09-17 05:53 - 2017-04-01 07:20 - 000003082 _____ C:\windows\System32\Tasks\{EBA6E84E-0B5E-4A9A-9077-71B825860688}
2018-09-17 05:53 - 2015-03-24 14:26 - 000003056 _____ C:\windows\System32\Tasks\PDVDServ Task
2018-09-17 05:53 - 2015-03-24 13:32 - 000002990 _____ C:\windows\System32\Tasks\Synaptics TouchPad Enhancements
2018-09-16 12:06 - 2017-12-23 10:45 - 000003258 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-09-14 20:37 - 2013-08-22 17:36 - 000000000 ____D C:\windows\rescache
2018-09-14 05:55 - 2013-08-22 17:36 - 000000000 ___RD C:\windows\ToastData
2018-09-13 16:24 - 2013-08-22 17:20 - 000000000 ____D C:\windows\CbsTemp
2018-09-13 16:16 - 2015-12-11 15:36 - 000000000 ____D C:\windows\system32\MRT
2018-09-13 16:13 - 2015-10-14 07:26 - 139184408 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-09-10 16:12 - 2015-11-06 20:47 - 000000000 ____D C:\Program Files\CCleaner
2018-09-05 00:06 - 2018-03-15 15:44 - 000835144 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2018-09-05 00:06 - 2018-03-15 15:44 - 000179808 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2016-08-01 03:08 - 2016-08-01 03:08 - 000000010 _____ () C:\Users\Michal Trnka\AppData\Roaming\dmcusername.file
2016-08-01 03:08 - 2016-08-01 03:08 - 000000000 _____ () C:\Users\Michal Trnka\AppData\Roaming\pof.exact
2018-01-14 21:16 - 2018-01-14 21:16 - 000001475 _____ () C:\Users\Michal Trnka\AppData\Local\recently-used.xbel

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-10-02 18:16

==================== End of FRST.txt ============================






Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28.09.2018
Ran by MichalTrnka (03-10-2018 18:03:51)
Running from C:\Users\Michal Trnka\Downloads
Windows 8.1 (Update) (X64) (2015-10-13 00:12:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-118406243-1781282106-884721309-500 - Administrator - Disabled)
Guest (S-1-5-21-118406243-1781282106-884721309-501 - Limited - Disabled)
MichalTrnka (S-1-5-21-118406243-1781282106-884721309-1002 - Administrator - Enabled) => C:\Users\Michal Trnka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\uTorrent) (Version: 3.5.4.44632 - BitTorrent Inc.)
Aktualizace NVIDIA 27.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 27.1.0.0 - NVIDIA Corporation) Hidden
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 376.09 - NVIDIA Corporation) Hidden
Aureria Classic verze revize 2. (HKLM-x32\...\{C4B0E2AA-A2D7-4873-AE29-00A16193894D}_is1) (Version: revize 2. - SimplyGames.cz)
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.1.0.1064 - Bandisoft.com)
Banished (HKLM-x32\...\1207660783_is1) (Version: 2.5.0.9 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
BitMeter (HKLM-x32\...\BitMeter) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.0.3.4 - Lenovo)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.50 - Conexant)
Counter-Strike 1.6 (HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\Counter-Strike 1.6) (Version: - )
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4505 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dependency Package Update (HKLM-x32\...\{3117B53D-A409-4D99-A0DE-11A1A40696FA}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5B2190E9-199D-450A-94B3-4D6826C770C2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{E966DBE4-5075-465E-BA81-BC9A3A3204B3}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Download Manager (HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\e10685ec571b7282) (Version: 4.0.0.18 - Also Digital B.V.)
Ekura (HKLM-x32\...\Sindicate Ekura) (Version: 12.159.10674 - Sindicate)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo)
ESET Security (HKLM\...\{0813F772-F554-4DA9-9CEA-ABCE6321BDFD}) (Version: 11.2.63.0 - ESET, spol. s r.o.)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Gameforge Live 2.0.13 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.13 - Gameforge)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Gothic (HKLM-x32\...\{C16ADB2B-37C8-4AF8-A7D2-3A4B1BEF9662}) (Version: 1.00.0000 - Piranha Bytes) Hidden
Gothic (HKLM-x32\...\InstallShield_{C16ADB2B-37C8-4AF8-A7D2-3A4B1BEF9662}) (Version: 1.00.0000 - Piranha Bytes)
Gothic II Gold (HKLM-x32\...\{8B95673D-2D4C-4216-ADA2-3660973700BF}) (Version: 1.00.0000 - CD Projekt) Hidden
Gothic II Gold (HKLM-x32\...\InstallShield_{8B95673D-2D4C-4216-ADA2-3660973700BF}) (Version: 1.00.0000 - CD Projekt)
Gothic III (HKLM-x32\...\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}) (Version: 1.0.0 - JoWooD Productions Software AG)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Heroes of Might & Magic V: Hammers of Fate (HKLM-x32\...\{07BE4679-4318-4413-9701-B3D91354F10C}) (Version: - )
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version: - )
Heroes of Might and Magic V (HKLM-x32\...\{8829DAD4-8F07-4A96-B995-15498EBB8045}) (Version: - )
Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.91 - Riot Games, Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3910 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.1.1431.1) (HKLM\...\{302600C1-6BDF-4FD1-1407-148929CC1385}) (Version: 17.1.1407.0480 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{eff1d9d1-41fa-49ef-a986-082bfe49c293}) (Version: 16.8.0 - Intel Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 172 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
KClip 1.0.2 VST x64 Demo version 1.0.2 (HKLM-x32\...\{64DAC5E3-1149-43BD-92CB-64D84F92C0CB}_is1) (Version: 1.0.2 - Kazrog LLC)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.1.2 - PandoraTV)
League of Legends (HKLM-x32\...\{6FEDADF5-40EC-4E18-A376-0FDBACE65338}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10256 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lenovo Web Start (HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1) (Version: 1.0.2.53457 - SweetLabs)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.2.2000 - Maxthon International Limited)
Metin2 (HKLM-x32\...\Metin2_CZ_is1) (Version: - Gameforge 4D GmbH)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft OneDrive (HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NVIDIA GeForce Experience 3.8.0.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.8.0.89 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 376.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.09 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
OpenOffice 4.1.4 (HKLM-x32\...\{726F81BD-FECF-412D-917B-F237CD6C8FFE}) (Version: 4.14.9787 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.9.38188 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 376.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.09 - NVIDIA Corporation) Hidden
Phone Nokia USB Driver (HKLM-x32\...\{7F1C627F-7F07-4B51-B50F-FF8C64881D6E}) (Version: 1.1.0 - Mobile)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Rise of Nations: Extended Edition (HKLM-x32\...\Rise of Nations: Extended Edition_is1) (Version: - Microsoft Studios)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
Seznam Software (HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\SeznamInstall) (Version: - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.28 (HKLM-x32\...\Skype_is1) (Version: 8.28 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.74 - Synaptics Incorporated)
TeamSpeak 3 Client (HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\TeamSpeak 3 Client) (Version: 3.1.9 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com)
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.2.7 - Lenovo)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
VLC MEDIA player cz plna verze zdarma 2013 version for Windows (HKLM-x32\...\{6AE0F474-EC64-21CF-4936-B40E009DEC8D}_is1) (Version: for Windows - )
Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Winrar 4.11_64bit_32_bit+full+cz version for Windows (HKLM-x32\...\{A9B1D15A-58A6-6A5A-525C-33F3BFE7819C}_is1) (Version: for Windows - )
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Zaklínač - Rozšířená edice (HKLM-x32\...\{86ACE727-A4F2-4B28-A37D-254D9CC03156}) (Version: 1.5 - CD Projekt Red)
Zaklínač (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.00.0000 - CD Projekt Red)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-118406243-1781282106-884721309-1002_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-118406243-1781282106-884721309-1002_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-118406243-1781282106-884721309-1002_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-118406243-1781282106-884721309-1002_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-118406243-1781282106-884721309-1002_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-118406243-1781282106-884721309-1002_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-28] (Cyberlink)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-09-04] (ESET)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-28] (Cyberlink)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-09-04] (ESET)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2014-08-20] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\system32\nvshext.dll [2016-11-24] (NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-09-04] (ESET)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {038E31AC-D811-40D9-828C-C0069E56D5C1} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-07-26] (NVIDIA Corporation)
Task: {05043A26-B997-4CCC-BE00-F294A822232E} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
Task: {0EA1A0E8-E26E-46B8-8873-70CBE964EA0B} - System32\Tasks\Maxthon5 Update => C:\Program Files (x86)\Maxthon\bin\Maxthon.exe [2017-11-16] (Maxthon International ltd.)
Task: {18A9FCAD-828C-44B5-80D3-058B2FD371E9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2018-09-13] (Microsoft Corporation)
Task: {1BA14702-5C69-438B-BB65-38633E55FA6F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\Overseer.exe [2018-10-02] (AVAST Software)
Task: {2217115B-C126-496C-81A0-66AD93BC269F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {2FB3EA56-DAB2-4E85-8BD2-D4AB9FB4E464} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-08-24] (Piriform Ltd)
Task: {32D6206A-AE54-4DE6-A1B3-46A35707C17A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-07-26] (NVIDIA Corporation)
Task: {38A123D7-AD23-423F-830C-6320E9F19170} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {3A6F5B05-FD34-4F56-8B45-4E2C5C986252} - System32\Tasks\{42902C30-0FF3-4E86-96B9-BA3B7E1DAFC6} => C:\windows\system32\pcalua.exe -a "C:\Users\Michal Trnka\Desktop\wow\Wow.exe" -d "C:\Users\Michal Trnka\Desktop\wow"
Task: {4466DF7B-36C9-40AB-B538-82D3822910A4} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {4C121636-6B35-476D-AB3A-FCF2D3F9093F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-07-26] (NVIDIA Corporation)
Task: {5336F57B-1FCE-4DA0-A784-FF893CCE1E22} - System32\Tasks\{EBA6E84E-0B5E-4A9A-9077-71B825860688} => c:\program files (x86)\maxthon\bin\maxthon.exe [2017-11-16] (Maxthon International ltd.)
Task: {59B7C188-99F4-4967-B4D7-D2A8D5EA2A72} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {7155847B-CCE6-4A03-911C-F6D06C28C185} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)
Task: {7AC0C181-1D4D-44A7-B4B0-DAF42E92B00E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {7E739518-9545-4D43-BCC2-B7D56A0551C4} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
Task: {7FAEBC26-90AC-4083-9ABC-A5A77A5330C4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-23] (Google Inc.)
Task: {9D5EAA59-4244-4C78-8938-8DB34A9D7EEC} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2017-11-16] (Maxthon International ltd.)
Task: {B17E3DD0-FDD7-4067-9B92-CA1D6E1C2F31} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-07-07] (Oracle Corporation)
Task: {B4584683-AD86-4A76-AA17-2C4A0F6B3C25} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-08-24] (Piriform Ltd)
Task: {BBA633AB-F8CE-44CB-8EAC-F7FD3BF39542} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {BCA7836D-16E6-493A-A646-7DDCDCC37BB3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-23] (Google Inc.)
Task: {C24D3C10-067C-46BD-95B6-E28526208BC6} - System32\Tasks\{4492A76E-DA26-4316-BBDC-71F74815561D} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\Risen CZ\bin\Risen.exe" -d "C:\Program Files (x86)\Risen CZ\bin\"
Task: {C4B349AA-3735-4A2F-A498-B421D13D15B6} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-24] (Synaptics Incorporated)
Task: {DB376A47-B68E-415E-A5AE-38B3FD70553F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-07-26] (NVIDIA Corporation)
Task: {E2CAF684-14BF-45D4-ACBB-0068002A57F6} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-10-02] (AVG Technologies CZ, s.r.o.)
Task: {F8B24EA1-39FD-4474-B047-E811233C4F6D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {FB8D9713-3BE6-4DD5-B2B0-286E0EB3E6E1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-11-29 00:38 - 2017-07-26 19:09 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-03-24 13:24 - 2016-11-24 21:39 - 000133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-17 17:55 - 2016-04-17 18:07 - 000076152 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2015-03-24 14:27 - 2015-03-24 14:27 - 000068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2015-03-24 14:27 - 2015-03-24 14:27 - 000669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2018-09-17 12:40 - 2017-11-13 16:46 - 000092368 _____ () C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz\bin\23115libfoxloader-x64.dll
2015-03-24 13:39 - 2010-10-26 06:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2017-06-16 15:58 - 2017-11-13 16:38 - 000506064 _____ () C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2018-08-24 20:37 - 2018-08-24 20:37 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2014-06-01 12:18 - 2014-06-01 12:18 - 001396736 _____ () C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe
2014-06-01 12:18 - 2014-06-01 12:18 - 000046592 _____ () C:\Program Files (x86)\Codebox\BitMeter\cs\BitMeter2.resources.dll
2016-02-07 10:18 - 2017-02-08 13:39 - 000080576 _____ () C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2015-03-24 14:20 - 2014-07-10 02:19 - 000592880 _____ () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
2015-03-24 14:20 - 2014-07-10 02:19 - 000397296 _____ () C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
2018-09-18 16:16 - 2018-09-15 10:26 - 005110616 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libglesv2.dll
2018-09-18 16:16 - 2018-09-15 10:26 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libegl.dll
2017-12-21 17:56 - 2016-09-13 15:00 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-12-21 17:56 - 2016-09-13 15:00 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-12-21 17:56 - 2016-09-13 15:00 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-12-21 17:56 - 2017-05-12 12:36 - 000507464 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2017-12-17 17:30 - 2017-11-13 16:49 - 000085200 _____ () C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz\bin\6057libfoxloader.dll
2015-03-24 14:24 - 2014-07-04 06:35 - 000627672 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2014-07-04 21:35 - 2014-07-04 21:35 - 000016856 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
2016-02-07 10:18 - 2018-02-21 11:36 - 000869584 _____ () C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2016-11-29 00:38 - 2017-07-26 19:09 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-03-24 13:30 - 2013-09-16 21:20 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7941 more sites.

IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\123simsen.com -> www.123simsen.com

There are 7941 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2018-10-03 17:02 - 000454695 ____R C:\windows\system32\Drivers\etc\hosts

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com

There are 15607 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-118406243-1781282106-884721309-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Michal Trnka\Pictures\desert.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\StartupApproved\Run: => "GSplay.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8882C182-F293-4362-8EDF-2B3C864B7CA1}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{3E66E595-FB1C-4DF7-9F3D-6DD32C732D69}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{C202077D-F6A6-4726-85A5-E1221C007413}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{A5AE4A9F-6110-4288-B19F-BEA5BC91EBA6}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{0FF8A70A-7348-4BA7-BB4A-13B5C24B338C}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{8D6AD4D4-A7B6-493D-A869-B8BEB7168A7A}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{C50CEF13-9E44-4D2F-A93C-06CEA4873342}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{05F56B72-0F68-4DD9-9A28-847C5E064240}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{14CD9214-B1B7-48B7-BC49-914E95F0A5F3}] => (Allow) LPort=55100
FirewallRules: [{C74134C7-ECCB-49CF-9B48-06677F7B70E5}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{6F78FD67-3724-4C9B-AE8D-19091FA1F8B9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8E7A4B2A-3BD5-45A1-B74A-3CD32257FE4A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C555C50A-AAE5-4568-9811-E820C5E4B700}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{2467C53E-981D-490E-B624-F3BF2756913B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{91257A06-30A4-4F1A-98B7-96C20AC76EDA}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{6691C86C-B336-465C-BC8F-0881B083EF12}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [TCP Query User{154409C6-B9AB-485E-9B7E-63A4B8C3CF7A}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{A31B5A19-F3AC-491B-8E20-F4C40A8A1482}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{FD0A3232-890A-40D4-957C-77B3C4D62721}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{40799D36-1776-4B1F-8A86-952E5318AC26}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1DA2E0E3-F412-47A7-9C66-D1C7965F329F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{28384F2A-E518-48A0-817F-F5D937491AEB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{AEF2DBF5-10B8-4C0E-A0C0-3A9FABEAD976}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{CD76CE10-5E6D-40AC-9D9C-0BD0F5F7426C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{4BEECFBB-DF7F-428A-9953-033574DCA439}C:\users\michal trnka\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\michal trnka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{D6861D6E-DAD3-4833-BF52-1B2038105BA2}C:\users\michal trnka\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\michal trnka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{4FA68D61-170B-429D-A6F9-0DD2E5CDC529}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{950DFF18-C3EE-43C6-92F2-E7F52BD07D4E}C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe] => (Allow) C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe
FirewallRules: [UDP Query User{70350928-9B6E-4D61-B487-6EDF8A497365}C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe] => (Allow) C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe
FirewallRules: [{66BC8F9A-3F71-4406-BFE6-89A23B9BEB88}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E0988024-6FEC-4443-84AC-50002888CCC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{47719F0B-2B4F-402F-A182-ADC7FBB32C9C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A3E5377F-AC09-4CF8-BB34-93A149B7013C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8A07FA8E-30A1-4161-97D2-AA157F763C8F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CD171CBC-B891-4C70-B2C2-E4ADE12692D5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{52B7BFD2-11B4-4BC6-BBCA-9B6CF133D8E4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{97B33E70-920A-433B-963A-FFA129EF9DC0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{502E9F97-99FD-4903-88CD-9D906802EB66}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CC4A1325-CF22-4748-B229-6922AED81ABC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{FC947667-8E9E-40D9-A76E-C4967D632B12}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [UDP Query User{2DB4FCC0-3EE6-43DD-AC09-E20AEB9E9B2C}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [TCP Query User{B2B00291-33AD-408A-8F46-C66AF7D2F548}C:\users\michal trnka\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\michal trnka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{1BF176D3-033C-479C-8651-3DADCACDC749}C:\users\michal trnka\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\michal trnka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{E9BEB7FD-CA16-44A7-B53C-097510297F8B}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{0EFFC477-3CCD-4DB9-AEA7-F31895072F32}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{C013215E-33B2-4AE5-9935-69A0DF5EFDE5}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
FirewallRules: [{27FE5B6E-ADAE-4D34-B4FB-6A4A057DBF80}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
FirewallRules: [TCP Query User{3E0F0578-8FD8-42E5-A1C3-7BE34F5FADBF}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [UDP Query User{4467A6FA-70F5-45EF-A4BE-5FDBC535D7EE}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [{86DB8A5D-6CDC-46FB-80DD-CB5FEAAD0EED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Eve Online\eve.exe
FirewallRules: [{CBA4C001-2D27-4785-8746-00910F67DD0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Eve Online\eve.exe
FirewallRules: [TCP Query User{0433BFC9-FBC6-49E2-AB69-BE1401E6EB5B}C:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe
FirewallRules: [UDP Query User{C1E4F8C4-BAC8-4DAE-A222-841160A721EB}C:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe
FirewallRules: [{671AC80C-D0B4-4711-9371-93C914529604}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{ED204C46-9238-49E8-BABD-459E4D49A169}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{6269DC4F-B548-47B7-BB55-195ADCCBD54D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Colony Survival\colonyclient.exe
FirewallRules: [{AFF5F86D-8DC9-44B4-A513-DC56D617B043}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Colony Survival\colonyclient.exe
FirewallRules: [TCP Query User{02963FEE-63EF-49BE-9766-9B054883B07F}C:\program files (x86)\steam\steamapps\common\colony survival\colonyserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\colony survival\colonyserver.exe
FirewallRules: [UDP Query User{EB26D7F0-1DB7-444E-B52B-2508E0B49F8D}C:\program files (x86)\steam\steamapps\common\colony survival\colonyserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\colony survival\colonyserver.exe
FirewallRules: [{C83E022D-7962-4703-9BC8-DCDB26D75D47}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{43CBAD47-05B7-4D81-A75B-5958A7B48A12}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{7430A91A-E2C5-4252-A9DB-595571B0D60C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{73D856DA-8D75-43D6-8946-0343913FDB16}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A2173970-5B04-4DBB-AFA9-DD57579423F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{69B44FD0-FFE9-4B58-B439-E895E8BE3675}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{5824C58C-4128-43CE-8397-47B575A232CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{F6BB7C96-F681-4BCA-B7C6-26086E2874D9}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{DAA9274E-DBB6-405A-8ACA-457A0EA54420}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{98DC56B5-E7FC-484B-A59A-8B214B0993F2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{28D97E34-530A-4B8C-8AA2-8E7CD4C17E90}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{6C1DECA4-48D6-4C7C-9030-4C6E4C44C4E3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{F1D7C20A-DF10-4138-A82E-51FEE1438DEC}C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe
FirewallRules: [UDP Query User{56E7416C-C786-460E-92E4-D75C3DA15681}C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

13-09-2018 16:11:52 Windows Update
03-10-2018 16:49:56 Removed VEGAS Pro 14.0 (64-bit)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/21/2018 04:16:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostex (5772) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Michal Trnka\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1811 (0xfffff8ed).

Error: (09/18/2018 11:16:11 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex (4844) Pokus o otevření souboru C:\Users\Michal Trnka\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (09/05/2018 04:09:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://ctldl.windowsupdate.com/msdownlo ... ootstl.cab>. Došlo k chybě: The data is invalid.
.

Error: (09/01/2018 02:15:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SDScan.exe verze 2.6.46.181 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: e4c

Čas spuštění: 01d441c361de49aa

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

ID hlášení: b877f769-ade0-11e8-82cf-f4066995c7e2

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/22/2018 04:11:38 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (07/25/2018 05:52:58 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LeagueClientUx.exe verze 8.14.238.5230 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1dc0

Čas spuštění: 01d4235832920a62

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.156\deploy\LeagueClientUx.exe

ID hlášení: 373c4f7b-8fbe-11e8-82ca-f4066995c7e2

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (07/24/2018 04:48:22 AM) (Source: VSS) (EventID: 12292) (User: )
Description: Chyba služby Stínová kopie svazků: Při vytváření třídy zprostředkovatele stínové kopie modelu COM s identifikátorem CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
] došlo k chybě.


Operation:
Obtain a callable interface for this provider
Obtaining provider management interface

Context:
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Class ID: {00000000-0000-0000-0000-000000000000}
Snapshot Context: -1
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (07/24/2018 04:48:22 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} a názvem SW_PROV nelze spustit. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


Operation:
Obtain a callable interface for this provider
Obtaining provider management interface

Context:
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Class ID: {00000000-0000-0000-0000-000000000000}
Snapshot Context: -1
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}


System errors:
=============
Error: (10/03/2018 05:53:38 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba ESET Service je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (10/03/2018 04:42:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (10/03/2018 04:42:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).

Error: (10/03/2018 04:40:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (10/03/2018 04:40:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Origin Web Helper Service bylo dosaženo časového limitu (30000 ms).

Error: (10/03/2018 04:37:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/03/2018 04:20:13 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Výstraha o závažné chybě byla vygenerována a zaslána na vzdálený koncový bod. To může vést k ukončení připojení. Kód závažné chyby definovaný protokolem TLS: 70. Stav chyby Windows SChannel: 105

Error: (10/03/2018 04:20:13 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Výstraha o závažné chybě byla vygenerována a zaslána na vzdálený koncový bod. To může vést k ukončení připojení. Kód závažné chyby definovaný protokolem TLS: 70. Stav chyby Windows SChannel: 105


Windows Defender:
===================================
Date: 2016-04-19 12:34:25.169
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {67A0CCA7-1029-47D4-B855-29301DC93CCA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-04-18 10:01:49.562
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D4F56292-1E00-476D-AFF7-D98BE3633714}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-04-18 09:51:34.108
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C2EC7603-7138-4EEC-8F27-A303A4DCCE7A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-04-17 16:22:01.912
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0DC26626-4907-4F46-A541-5F3C71B70C35}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-04-17 16:00:17.461
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {E58263C1-F066-420A-8AB6-DED3980A5D21}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2015-12-28 15:55:38.173
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.213.1120.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.12400.0
Kód chyby: 0x8024402c
Popis chyby :An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2015-12-27 09:49:36.103
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80073aba
Popis chyby: The resource is too old to be compatible.
Verze podpisu: 1.185.414.0;1.185.414.0
Verze modulu: 1.1.11005.0

CodeIntegrity:
===================================

Date: 2018-03-15 13:13:17.454
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-15 13:13:16.694
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-15 13:13:16.005
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-15 13:13:15.316
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-15 13:13:14.614
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-15 13:13:13.915
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-15 13:13:13.193
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-15 13:13:12.518
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 34%
Total physical RAM: 8084.27 MB
Available physical RAM: 5284.77 MB
Total Virtual: 9364.27 MB
Available Virtual: 6716.14 MB

==================== Drives ================================

Drive c: (Vicitims) (Fixed) (Total:889.87 GB) (Free:87.81 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.78 GB) NTFS

\\?\Volume{18e4ad6e-4d77-49f1-89b6-5978a1fd94d7}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.67 GB) NTFS
\\?\Volume{312a3243-1def-4ffe-b89a-7439d448913f}\ (PBR_DRV) (Fixed) (Total:14.31 GB) (Free:1.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DCAE6283)

Partition: GPT.

==================== End of Addition.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Pomoc s pc? prosím

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Vicitims
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 03 říj 2018 17:21

Re: Pomoc s pc? prosím

#3 Příspěvek od Vicitims »

Jdu na to díky :)

Vicitims
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 03 říj 2018 17:21

Re: Pomoc s pc? prosím

#4 Příspěvek od Vicitims »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-10-01.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-03-2018
# Duration: 00:00:51
# OS: Windows 8.1
# Cleaned: 36
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Public\Pokki
Deleted C:\Users\Michal Trnka\AppData\Roaming\RHEng
Deleted C:\ProgramData\BSD\DriverHiveEngine
Deleted C:\Users\Public\Documents\Downloaded Installers
Deleted C:\ProgramData\BSD\DriverHive

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Pokki
Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM1
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM0
Deleted HKCU\Software\Classes\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKU\S-1-5-18\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKCU\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKU\S-1-5-20\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKU\S-1-5-19\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKU\.DEFAULT\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKLM\Software\Wow6432Node\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Amazon1ButtonTaskbarApp.exe
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Amazon1ButtonTaskbarApp.exe
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\Amazon Assistant Service
Deleted HKCU\Software\BSD
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
Deleted HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components\{981b174d-7733-4e7f-b89d-6545a7c21838}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted HKLM\Software\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
Deleted HKLM\Software\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] remove_folder_Auslogics
[+] remove_folder_Auslogics(2)
[+] remove_folder_Auslogics(3)
[+] remove_folder_Auslogics(4)
[+] remove_regKey_Auslogics
[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5283 octets] - [03/10/2018 18:46:43]
AdwCleaner[S01].txt - [5344 octets] - [03/10/2018 18:49:19]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Pomoc s pc? prosím

#5 Příspěvek od Conder »

:arrow: Poprosim o obidva nove logy z FRST.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Vicitims
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 03 říj 2018 17:21

Re: Pomoc s pc? prosím

#6 Příspěvek od Vicitims »

Ahoj :) tady to je


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04.10.2018
Ran by MichalTrnka (administrator) on VICITIMS (05-10-2018 17:31:32)
Running from C:\Users\Michal Trnka\Desktop
Loaded Profiles: MichalTrnka (Available Profiles: MichalTrnka)
Platform: Windows 8.1 (Update) (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
() C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo) C:\Program Files\lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
() C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe
() C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2013-12-23] (Realtek semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-15] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2015-03-24] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2015-03-24] (Lenovo(beijing) Limited)
HKLM\...\Run: [ShadowPlay] => "C:\windows\system32\rundll32.exe" C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2018-09-04] (ESET)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4174464 2017-05-23] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3207968 2018-09-08] (Valve Corporation)
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] ()
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-08-24] (Piriform Ltd)
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\RunOnce: [Uninstall C:\Users\Michal Trnka\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michal Trnka\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {28b55dde-c238-11e7-82b3-f4066995c7e2} - "F:\Setup.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {28b55fe6-c238-11e7-82b3-f4066995c7e2} - "F:\Setup.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {28b560d3-c238-11e7-82b3-f4066995c7e2} - "F:\Setup.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {7a09b9f8-8272-11e5-8265-f4066995c7e2} - "F:\autorun.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {8e53c2e0-18b1-11e6-827f-f4066995c7e2} - "G:\autorun.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {c5c49785-50c1-11e6-8286-f4066995c7e2} - "I:\setup.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {df2f3ce1-2ee9-11e6-8280-f4066995c7e2} - "H:\setup.exe"
HKU\S-1-5-18\...\Run: [] => [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bitmeter2.lnk [2015-10-18]
ShortcutTarget: Bitmeter2.lnk -> C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe ()
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{5F1EC7F4-4608-4C58-9085-29C0F99A3485}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{F7075E92-B5C9-49D7-A648-DE816D87CF41}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-118406243-1781282106-884721309-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> DefaultScope {874A607E-B5C4-458D-93AA-20A552F0EB24} URL =
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> {35E13BED-809F-4DB7-B57B-FF5BD98A771E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> {461D619A-50EE-47E1-8868-803755AEDF7B} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> {4E2526FF-EDA1-498D-90EF-B83A754638B3} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> {874A607E-B5C4-458D-93AA-20A552F0EB24} URL =
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> {8ED74BA1-FEEF-447B-AD15-7EAAEA3657B6} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> {922D5792-21AF-4002-95FC-0DB05774F8A1} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> {A8092064-11AF-4F88-B968-EC065B118701} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> {AF3C323B-DAAD-4B11-8D1D-F7F5160FE430} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> {B3EC9C1A-ACB3-440B-93DD-9BF2AA3DBA0E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> {BB110623-C8AA-462A-B149-65D5C31508B8} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-07-31] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-31] (Oracle Corporation)

FireFox:
========
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-07-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-31] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default [2018-10-05]
CHR Extension: (Prezentace) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-09-06]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-09-08]
CHR Extension: (YouTube) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tabulky) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-19]
CHR Extension: (Skype) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-09-06]
CHR Extension: (Gmail) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-13]
CHR Extension: (Chrome Media Router) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-10] ()
R2 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [529056 2017-11-20] (EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2260144 2018-09-04] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2260144 2018-09-04] (ESET)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121304 2014-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [318568 2014-08-20] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-03-24] (Lenovo(beijing) Limited)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1880864 2018-02-13] (Maxthon)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-11-21] ()
S3 npggsvc; C:\windows\SysWOW64\GameMon.des [3611808 2015-07-22] (INCA Internet Co., Ltd.)
S2 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2147216 2017-05-07] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3116440 2017-05-07] (Electronic Arts)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76152 2016-04-17] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1776864 2017-05-23] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2131760 2017-05-23] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233936 2017-05-23] (Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2015-03-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2013-11-21] (Intel® Corporation)
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\windows\System32\DRIVERS\atksgt.sys [310984 2016-08-09] ()
S3 avgTap; C:\windows\system32\DRIVERS\avgTap.sys [54888 2017-11-01] (The OpenVPN Project)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions, Inc.)
R3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1424184 2014-06-17] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\windows\System32\drivers\dtlitescsibus.sys [30264 2015-11-06] (Disc Soft Ltd)
R1 eamonm; C:\windows\System32\DRIVERS\eamonm.sys [141512 2018-09-04] (ESET)
R0 edevmon; C:\windows\System32\DRIVERS\edevmon.sys [109232 2018-09-04] (ESET)
S0 eelam; C:\windows\System32\DRIVERS\eelam.sys [15872 2018-09-04] (ESET)
R1 ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [188824 2018-09-04] (ESET)
R2 ekbdflt; C:\windows\system32\DRIVERS\ekbdflt.sys [50144 2018-09-04] (ESET)
R1 epfw; C:\windows\system32\DRIVERS\epfw.sys [82304 2018-09-04] (ESET)
R1 epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [109864 2018-09-04] (ESET)
S3 Hamachi; C:\windows\system32\DRIVERS\Hamdrv.sys [45680 2017-06-29] (LogMeIn Inc.)
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [220104 2014-08-07] (Intel Corporation)
R2 lirsgt; C:\windows\System32\DRIVERS\lirsgt.sys [42696 2016-08-09] ()
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S0 mfeelamk; C:\windows\System32\drivers\mfeelamk.sys [82072 2015-09-23] (McAfee, Inc.)
R3 NETwNb64; C:\windows\system32\DRIVERS\NETwbw02.sys [3609568 2013-12-25] (Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-07-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\windows\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\windows\System32\drivers\nvvhci.sys [57792 2017-02-23] (NVIDIA Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [9101016 2013-12-23] (Realtek Semiconductor Corp.)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11376 2016-07-23] () [File not signed]
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-12-24] (Synaptics Incorporated)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 AVFSFilter; \SystemRoot\system32\DRIVERS\avfsfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-05 17:31 - 2018-10-05 17:32 - 000025243 _____ C:\Users\Michal Trnka\Desktop\FRST.txt
2018-10-05 17:30 - 2018-10-05 17:31 - 002414080 _____ (Farbar) C:\Users\Michal Trnka\Desktop\FRST64.exe
2018-10-03 18:45 - 2018-10-03 18:49 - 000000000 ____D C:\AdwCleaner
2018-10-03 18:44 - 2018-10-03 18:44 - 007592144 _____ (Malwarebytes) C:\Users\Michal Trnka\Downloads\adwcleaner_7.2.4.0.exe
2018-10-03 18:02 - 2018-10-05 17:31 - 000000000 ____D C:\FRST
2018-10-03 17:57 - 2018-10-03 17:57 - 000001967 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2018-10-03 17:54 - 2018-10-03 17:54 - 000000000 ____D C:\Users\Michal Trnka\AppData\Local\ESET
2018-10-03 17:53 - 2018-10-03 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-10-03 17:53 - 2018-10-03 17:53 - 000000000 ____D C:\ProgramData\ESET
2018-10-03 17:53 - 2018-10-03 17:53 - 000000000 ____D C:\Program Files\ESET
2018-10-03 17:49 - 2018-10-03 17:49 - 004279416 _____ (ESET) C:\Users\Michal Trnka\Downloads\eset_internet_security_live_installer.exe
2018-10-03 17:02 - 2018-10-03 16:21 - 000454378 _____ C:\windows\system32\Drivers\etc\hosts.20181003-170257.backup
2018-10-03 16:34 - 2018-10-03 16:34 - 000000000 _____ C:\windows\SysWOW64\last.dump
2018-10-02 20:17 - 2018-10-02 20:17 - 000000968 _____ C:\Users\Public\Desktop\Bandicam.lnk
2018-10-02 20:17 - 2018-10-02 20:17 - 000000000 ____D C:\Program Files (x86)\Bandicam
2018-10-02 20:04 - 2018-10-02 20:04 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\BANDISOFT
2018-10-01 18:55 - 2018-10-01 19:37 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\obs-studio
2018-10-01 18:55 - 2018-10-01 18:55 - 000001031 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2018-10-01 18:55 - 2018-10-01 18:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2018-10-01 18:54 - 2018-10-01 18:55 - 000000000 ____D C:\Program Files\obs-studio
2018-10-01 17:10 - 2018-10-01 17:10 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\Publish Providers
2018-10-01 17:10 - 2018-10-01 17:10 - 000000000 ____D C:\ProgramData\VEGAS Pro
2018-10-01 17:09 - 2018-10-01 17:09 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\VEGAS Pro
2018-10-01 17:09 - 2018-10-01 17:09 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\VEGAS
2018-10-01 17:09 - 2018-10-01 17:09 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\MAGIX
2018-10-01 17:09 - 2018-10-01 17:09 - 000000000 ____D C:\Users\Michal Trnka\AppData\Local\VEGAS Pro
2018-10-01 17:09 - 2018-10-01 17:09 - 000000000 ____D C:\Users\Michal Trnka\AppData\Local\Sony
2018-10-01 17:09 - 2018-10-01 17:09 - 000000000 ____D C:\ProgramData\Magix
2018-10-01 17:05 - 2018-10-03 16:51 - 000000000 ____D C:\ProgramData\VEGAS
2018-10-01 17:05 - 2018-10-01 17:05 - 000000000 ____D C:\Program Files\VEGAS
2018-10-01 17:04 - 2018-10-01 17:04 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\Sony
2018-09-12 21:30 - 2018-08-28 07:39 - 001491032 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2018-09-12 21:30 - 2018-08-28 05:46 - 001764408 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2018-09-12 21:30 - 2018-08-28 03:36 - 001311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2018-09-12 21:30 - 2018-08-28 03:36 - 000340480 _____ (Microsoft Corporation) C:\windows\SysWOW64\msexcl40.dll
2018-09-12 21:30 - 2018-08-24 01:05 - 025736704 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2018-09-12 21:30 - 2018-08-24 00:54 - 000289280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ks.sys
2018-09-12 21:30 - 2018-08-24 00:34 - 005779456 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2018-09-12 21:30 - 2018-08-23 23:40 - 001555456 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2018-09-12 21:30 - 2018-08-23 23:27 - 020279296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2018-09-12 21:30 - 2018-08-23 22:51 - 004494848 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2018-09-12 21:30 - 2018-08-23 22:27 - 001329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2018-09-12 21:30 - 2018-08-14 03:22 - 022374608 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2018-09-12 21:30 - 2018-08-14 03:19 - 019790752 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2018-09-12 21:30 - 2018-08-13 22:06 - 002530384 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2018-09-12 21:30 - 2018-08-13 22:03 - 001903744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2018-09-12 21:30 - 2018-08-13 21:32 - 001368680 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2018-09-12 21:30 - 2018-08-13 15:40 - 001754112 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2018-09-12 21:30 - 2018-08-13 15:39 - 001491968 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2018-09-12 21:30 - 2018-08-13 15:33 - 001085440 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2018-09-12 21:30 - 2018-08-12 21:23 - 007373544 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2018-09-12 21:30 - 2018-08-12 21:06 - 001676056 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2018-09-12 21:30 - 2018-08-12 21:06 - 001536120 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2018-09-12 21:30 - 2018-08-12 21:06 - 001500432 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2018-09-12 21:30 - 2018-08-12 21:06 - 001371352 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2018-09-12 21:30 - 2018-08-12 21:04 - 002451808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2018-09-12 21:30 - 2018-08-12 18:31 - 002347520 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2018-09-12 21:30 - 2018-08-12 18:06 - 001556480 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2018-09-12 21:30 - 2018-08-09 19:39 - 000113664 _____ (Microsoft Corporation) C:\windows\SysWOW64\t2embed.dll
2018-09-12 21:30 - 2018-08-09 18:41 - 000073728 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpsdrv.sys
2018-09-12 21:30 - 2018-08-09 18:39 - 000148992 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
2018-09-12 21:30 - 2018-07-29 15:44 - 001265664 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2018-09-12 21:30 - 2018-07-24 19:50 - 006522344 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
2018-09-12 21:30 - 2018-07-24 19:50 - 001488008 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2018-09-12 21:30 - 2018-07-24 19:50 - 000261408 _____ (Microsoft Corporation) C:\windows\system32\sppwinob.dll
2018-09-12 21:30 - 2018-07-24 15:45 - 000685056 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2018-09-12 21:30 - 2018-07-18 15:34 - 000101376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bowser.sys
2018-09-12 21:30 - 2018-07-06 19:14 - 000346112 _____ (Microsoft Corporation) C:\windows\system32\SessEnv.dll
2018-09-12 21:30 - 2018-07-06 18:22 - 000299520 _____ (Microsoft Corporation) C:\windows\SysWOW64\SessEnv.dll
2018-09-12 21:30 - 2018-07-06 01:17 - 001115648 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2018-09-12 21:30 - 2018-06-26 17:25 - 000425984 _____ (Microsoft Corporation) C:\windows\system32\PCPTpm12.dll
2018-09-12 21:30 - 2018-06-26 17:14 - 000367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\PCPTpm12.dll
2018-09-12 21:30 - 2018-06-21 15:31 - 001200640 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2018-09-12 21:30 - 2018-06-21 15:30 - 000868864 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2018-09-12 21:29 - 2018-08-24 00:43 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2018-09-12 21:29 - 2018-08-24 00:33 - 000794624 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2018-09-12 21:29 - 2018-08-24 00:08 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2018-09-12 21:29 - 2018-08-24 00:01 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2018-09-12 21:29 - 2018-08-24 00:00 - 015283712 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2018-09-12 21:29 - 2018-08-23 23:52 - 004510720 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2018-09-12 21:29 - 2018-08-23 23:28 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2018-09-12 21:29 - 2018-08-23 23:15 - 000497664 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2018-09-12 21:29 - 2018-08-23 23:06 - 000662016 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2018-09-12 21:29 - 2018-08-23 22:49 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2018-09-12 21:29 - 2018-08-23 22:48 - 013679616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2018-09-12 21:29 - 2018-08-23 22:44 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2018-09-12 21:29 - 2018-08-23 22:30 - 004037632 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2018-09-12 21:29 - 2018-08-23 22:24 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2018-09-12 21:29 - 2018-08-13 15:30 - 000043520 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf3216.dll
2018-09-12 21:29 - 2018-08-13 15:29 - 000057344 _____ (Microsoft Corporation) C:\windows\system32\mf3216.dll
2018-09-12 21:29 - 2018-08-09 19:40 - 000078336 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2018-09-12 21:29 - 2018-08-09 18:59 - 000543232 _____ (Microsoft Corporation) C:\windows\SysWOW64\FirewallAPI.dll
2018-09-12 21:29 - 2018-08-09 18:41 - 000096768 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2018-09-12 21:29 - 2018-06-21 15:24 - 000513456 _____ C:\windows\SysWOW64\locale.nls
2018-09-12 21:29 - 2018-06-21 15:24 - 000513456 _____ C:\windows\system32\locale.nls

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-05 17:32 - 2015-10-18 09:49 - 000000000 ____D C:\ProgramData\Bitmeter2
2018-10-05 17:28 - 2016-01-20 17:28 - 000000000 ____D C:\Users\Michal Trnka\AppData\Local\Battle.net
2018-10-05 17:03 - 2018-08-15 19:17 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2018-10-05 17:02 - 2016-01-20 17:27 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-10-05 16:10 - 2015-11-06 18:51 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz
2018-10-05 16:09 - 2015-03-24 13:24 - 000000000 ____D C:\ProgramData\NVIDIA
2018-10-05 16:05 - 2015-10-13 07:46 - 000000000 ____D C:\Program Files (x86)\Steam
2018-10-04 18:59 - 2016-03-20 14:12 - 000000000 ____D C:\Users\Michal Trnka\Downloads\Hudba
2018-10-04 16:05 - 2018-02-21 22:48 - 000004128 _____ C:\windows\System32\Tasks\CCleaner Update
2018-10-03 21:28 - 2015-10-13 02:20 - 000003596 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-118406243-1781282106-884721309-1002
2018-10-03 18:52 - 2013-08-22 16:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-10-03 18:51 - 2013-08-22 15:25 - 000262144 ___SH C:\windows\system32\config\BBI
2018-10-03 18:50 - 2015-03-24 14:27 - 000016896 _____ C:\windows\system32\VfService.trf
2018-10-03 18:49 - 2016-01-15 18:58 - 000000000 ____D C:\ProgramData\BSD
2018-10-03 17:54 - 2013-08-22 17:36 - 000000000 ___HD C:\windows\ELAMBKUP
2018-10-03 17:54 - 2013-08-22 15:36 - 000000000 ____D C:\windows\Inf
2018-10-03 16:54 - 2017-12-21 17:56 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2018-10-03 16:49 - 2016-06-10 10:11 - 000000000 ____D C:\Users\Michal Trnka\AppData\Local\AvgSetupLog
2018-10-03 16:49 - 2015-11-06 18:54 - 000000000 ____D C:\Program Files (x86)\AVG
2018-10-03 16:49 - 2015-11-06 18:53 - 000000000 ____D C:\ProgramData\AVG
2018-10-03 16:44 - 2015-10-17 19:12 - 000000000 ___RD C:\Users\Michal Trnka\Desktop\sračky
2018-10-03 16:41 - 2017-01-10 19:46 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-10-03 16:39 - 2018-03-21 17:52 - 000501552 _____ C:\windows\system32\FNTCACHE.DAT
2018-10-03 16:39 - 2015-11-06 18:54 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\AVG
2018-10-02 20:27 - 2016-05-15 15:10 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\uTorrent
2018-10-01 19:21 - 2016-02-07 10:18 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\vlc
2018-10-01 16:02 - 2016-03-20 14:14 - 000000000 ____D C:\Users\Michal Trnka\Downloads\Filmy
2018-09-23 03:32 - 2017-07-27 01:53 - 000003184 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-118406243-1781282106-884721309-1002
2018-09-23 03:32 - 2016-04-23 18:21 - 000002351 _____ C:\Users\Michal Trnka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2018-09-18 16:16 - 2017-12-23 10:46 - 000002212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-18 16:16 - 2017-12-23 10:46 - 000002171 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-09-17 05:54 - 2016-11-29 00:40 - 000003852 _____ C:\windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-17 05:54 - 2016-11-29 00:38 - 000003738 _____ C:\windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-17 05:54 - 2016-11-29 00:38 - 000003494 _____ C:\windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-17 05:53 - 2018-07-03 19:57 - 000003608 _____ C:\windows\System32\Tasks\Maxthon5 Update
2018-09-17 05:53 - 2017-04-01 07:20 - 000003082 _____ C:\windows\System32\Tasks\{EBA6E84E-0B5E-4A9A-9077-71B825860688}
2018-09-17 05:53 - 2015-03-24 14:26 - 000003056 _____ C:\windows\System32\Tasks\PDVDServ Task
2018-09-17 05:53 - 2015-03-24 13:32 - 000002990 _____ C:\windows\System32\Tasks\Synaptics TouchPad Enhancements
2018-09-16 12:06 - 2017-12-23 10:45 - 000003258 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-09-14 20:37 - 2013-08-22 17:36 - 000000000 ____D C:\windows\rescache
2018-09-14 05:55 - 2013-08-22 17:36 - 000000000 ___RD C:\windows\ToastData
2018-09-13 16:24 - 2013-08-22 17:20 - 000000000 ____D C:\windows\CbsTemp
2018-09-13 16:16 - 2015-12-11 15:36 - 000000000 ____D C:\windows\system32\MRT
2018-09-13 16:13 - 2015-10-14 07:26 - 139184408 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-09-10 16:12 - 2015-11-06 20:47 - 000000000 ____D C:\Program Files\CCleaner
2018-09-05 00:06 - 2018-03-15 15:44 - 000835144 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2018-09-05 00:06 - 2018-03-15 15:44 - 000179808 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2016-08-01 03:08 - 2016-08-01 03:08 - 000000010 _____ () C:\Users\Michal Trnka\AppData\Roaming\dmcusername.file
2016-08-01 03:08 - 2016-08-01 03:08 - 000000000 _____ () C:\Users\Michal Trnka\AppData\Roaming\pof.exact
2018-01-14 21:16 - 2018-01-14 21:16 - 000001475 _____ () C:\Users\Michal Trnka\AppData\Local\recently-used.xbel

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-10-02 18:16

==================== End of FRST.txt ============================










Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04.10.2018
Ran by MichalTrnka (05-10-2018 17:32:36)
Running from C:\Users\Michal Trnka\Desktop
Windows 8.1 (Update) (X64) (2015-10-13 00:12:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-118406243-1781282106-884721309-500 - Administrator - Disabled)
Guest (S-1-5-21-118406243-1781282106-884721309-501 - Limited - Disabled)
MichalTrnka (S-1-5-21-118406243-1781282106-884721309-1002 - Administrator - Enabled) => C:\Users\Michal Trnka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: Spybot - Search and Destroy (Disabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\uTorrent) (Version: 3.5.4.44632 - BitTorrent Inc.)
Aktualizace NVIDIA 27.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 27.1.0.0 - NVIDIA Corporation) Hidden
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 376.09 - NVIDIA Corporation) Hidden
Aureria Classic verze revize 2. (HKLM-x32\...\{C4B0E2AA-A2D7-4873-AE29-00A16193894D}_is1) (Version: revize 2. - SimplyGames.cz)
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.1.0.1064 - Bandisoft.com)
Banished (HKLM-x32\...\1207660783_is1) (Version: 2.5.0.9 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
BitMeter (HKLM-x32\...\BitMeter) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.0.3.4 - Lenovo)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.50 - Conexant)
Counter-Strike 1.6 (HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\Counter-Strike 1.6) (Version: - )
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4505 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dependency Package Update (HKLM-x32\...\{3117B53D-A409-4D99-A0DE-11A1A40696FA}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5B2190E9-199D-450A-94B3-4D6826C770C2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{E966DBE4-5075-465E-BA81-BC9A3A3204B3}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Download Manager (HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\e10685ec571b7282) (Version: 4.0.0.18 - Also Digital B.V.)
Ekura (HKLM-x32\...\Sindicate Ekura) (Version: 12.159.10674 - Sindicate)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo)
ESET Security (HKLM\...\{0813F772-F554-4DA9-9CEA-ABCE6321BDFD}) (Version: 11.2.63.0 - ESET, spol. s r.o.)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Gameforge Live 2.0.13 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.13 - Gameforge)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Gothic (HKLM-x32\...\{C16ADB2B-37C8-4AF8-A7D2-3A4B1BEF9662}) (Version: 1.00.0000 - Piranha Bytes) Hidden
Gothic (HKLM-x32\...\InstallShield_{C16ADB2B-37C8-4AF8-A7D2-3A4B1BEF9662}) (Version: 1.00.0000 - Piranha Bytes)
Gothic II Gold (HKLM-x32\...\{8B95673D-2D4C-4216-ADA2-3660973700BF}) (Version: 1.00.0000 - CD Projekt) Hidden
Gothic II Gold (HKLM-x32\...\InstallShield_{8B95673D-2D4C-4216-ADA2-3660973700BF}) (Version: 1.00.0000 - CD Projekt)
Gothic III (HKLM-x32\...\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}) (Version: 1.0.0 - JoWooD Productions Software AG)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Heroes of Might & Magic V: Hammers of Fate (HKLM-x32\...\{07BE4679-4318-4413-9701-B3D91354F10C}) (Version: - )
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version: - )
Heroes of Might and Magic V (HKLM-x32\...\{8829DAD4-8F07-4A96-B995-15498EBB8045}) (Version: - )
Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.91 - Riot Games, Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3910 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.1.1431.1) (HKLM\...\{302600C1-6BDF-4FD1-1407-148929CC1385}) (Version: 17.1.1407.0480 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{eff1d9d1-41fa-49ef-a986-082bfe49c293}) (Version: 16.8.0 - Intel Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 172 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
KClip 1.0.2 VST x64 Demo version 1.0.2 (HKLM-x32\...\{64DAC5E3-1149-43BD-92CB-64D84F92C0CB}_is1) (Version: 1.0.2 - Kazrog LLC)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.1.2 - PandoraTV)
League of Legends (HKLM-x32\...\{6FEDADF5-40EC-4E18-A376-0FDBACE65338}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10256 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.2.2000 - Maxthon International Limited)
Metin2 (HKLM-x32\...\Metin2_CZ_is1) (Version: - Gameforge 4D GmbH)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft OneDrive (HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NVIDIA GeForce Experience 3.8.0.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.8.0.89 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 376.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.09 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
OpenOffice 4.1.4 (HKLM-x32\...\{726F81BD-FECF-412D-917B-F237CD6C8FFE}) (Version: 4.14.9787 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.9.38188 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 376.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.09 - NVIDIA Corporation) Hidden
Phone Nokia USB Driver (HKLM-x32\...\{7F1C627F-7F07-4B51-B50F-FF8C64881D6E}) (Version: 1.1.0 - Mobile)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Rise of Nations: Extended Edition (HKLM-x32\...\Rise of Nations: Extended Edition_is1) (Version: - Microsoft Studios)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
Seznam Software (HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\SeznamInstall) (Version: - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.28 (HKLM-x32\...\Skype_is1) (Version: 8.28 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.74 - Synaptics Incorporated)
TeamSpeak 3 Client (HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\TeamSpeak 3 Client) (Version: 3.1.9 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com)
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.2.7 - Lenovo)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
VLC MEDIA player cz plna verze zdarma 2013 version for Windows (HKLM-x32\...\{6AE0F474-EC64-21CF-4936-B40E009DEC8D}_is1) (Version: for Windows - )
Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Winrar 4.11_64bit_32_bit+full+cz version for Windows (HKLM-x32\...\{A9B1D15A-58A6-6A5A-525C-33F3BFE7819C}_is1) (Version: for Windows - )
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Zaklínač - Rozšířená edice (HKLM-x32\...\{86ACE727-A4F2-4B28-A37D-254D9CC03156}) (Version: 1.5 - CD Projekt Red)
Zaklínač (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.00.0000 - CD Projekt Red)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-118406243-1781282106-884721309-1002_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-118406243-1781282106-884721309-1002_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-118406243-1781282106-884721309-1002_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-118406243-1781282106-884721309-1002_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-118406243-1781282106-884721309-1002_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-118406243-1781282106-884721309-1002_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-28] (Cyberlink)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-09-04] (ESET)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-28] (Cyberlink)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-09-04] (ESET)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2014-08-20] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\system32\nvshext.dll [2016-11-24] (NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-09-04] (ESET)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {038E31AC-D811-40D9-828C-C0069E56D5C1} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-07-26] (NVIDIA Corporation)
Task: {05043A26-B997-4CCC-BE00-F294A822232E} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
Task: {0EA1A0E8-E26E-46B8-8873-70CBE964EA0B} - System32\Tasks\Maxthon5 Update => C:\Program Files (x86)\Maxthon\bin\Maxthon.exe [2017-11-16] (Maxthon International ltd.)
Task: {18A9FCAD-828C-44B5-80D3-058B2FD371E9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2018-09-13] (Microsoft Corporation)
Task: {1BA14702-5C69-438B-BB65-38633E55FA6F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\Overseer.exe [2018-10-02] (AVAST Software)
Task: {2217115B-C126-496C-81A0-66AD93BC269F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {2FB3EA56-DAB2-4E85-8BD2-D4AB9FB4E464} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-08-24] (Piriform Ltd)
Task: {32D6206A-AE54-4DE6-A1B3-46A35707C17A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-07-26] (NVIDIA Corporation)
Task: {38A123D7-AD23-423F-830C-6320E9F19170} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {3A6F5B05-FD34-4F56-8B45-4E2C5C986252} - System32\Tasks\{42902C30-0FF3-4E86-96B9-BA3B7E1DAFC6} => C:\windows\system32\pcalua.exe -a "C:\Users\Michal Trnka\Desktop\wow\Wow.exe" -d "C:\Users\Michal Trnka\Desktop\wow"
Task: {4466DF7B-36C9-40AB-B538-82D3822910A4} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {4C121636-6B35-476D-AB3A-FCF2D3F9093F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-07-26] (NVIDIA Corporation)
Task: {5336F57B-1FCE-4DA0-A784-FF893CCE1E22} - System32\Tasks\{EBA6E84E-0B5E-4A9A-9077-71B825860688} => c:\program files (x86)\maxthon\bin\maxthon.exe [2017-11-16] (Maxthon International ltd.)
Task: {59B7C188-99F4-4967-B4D7-D2A8D5EA2A72} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {7155847B-CCE6-4A03-911C-F6D06C28C185} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)
Task: {7AC0C181-1D4D-44A7-B4B0-DAF42E92B00E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {7E739518-9545-4D43-BCC2-B7D56A0551C4} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
Task: {7FAEBC26-90AC-4083-9ABC-A5A77A5330C4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-23] (Google Inc.)
Task: {9D5EAA59-4244-4C78-8938-8DB34A9D7EEC} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2017-11-16] (Maxthon International ltd.)
Task: {B17E3DD0-FDD7-4067-9B92-CA1D6E1C2F31} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-07-07] (Oracle Corporation)
Task: {B4584683-AD86-4A76-AA17-2C4A0F6B3C25} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-08-24] (Piriform Ltd)
Task: {BBA633AB-F8CE-44CB-8EAC-F7FD3BF39542} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {BCA7836D-16E6-493A-A646-7DDCDCC37BB3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-23] (Google Inc.)
Task: {C24D3C10-067C-46BD-95B6-E28526208BC6} - System32\Tasks\{4492A76E-DA26-4316-BBDC-71F74815561D} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\Risen CZ\bin\Risen.exe" -d "C:\Program Files (x86)\Risen CZ\bin\"
Task: {C4B349AA-3735-4A2F-A498-B421D13D15B6} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-24] (Synaptics Incorporated)
Task: {DB376A47-B68E-415E-A5AE-38B3FD70553F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-07-26] (NVIDIA Corporation)
Task: {E2CAF684-14BF-45D4-ACBB-0068002A57F6} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-10-02] (AVG Technologies CZ, s.r.o.)
Task: {F8B24EA1-39FD-4474-B047-E811233C4F6D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {FB8D9713-3BE6-4DD5-B2B0-286E0EB3E6E1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-11-29 00:38 - 2017-07-26 19:09 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-04-17 17:55 - 2016-04-17 18:07 - 000076152 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2015-03-24 14:27 - 2015-03-24 14:27 - 000068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2015-03-24 14:27 - 2015-03-24 14:27 - 000669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2015-03-24 14:20 - 2014-07-10 02:19 - 000592880 _____ () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
2015-03-24 13:24 - 2016-11-24 21:39 - 000133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-09-17 12:40 - 2017-11-13 16:46 - 000092368 _____ () C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz\bin\23115libfoxloader-x64.dll
2015-03-24 14:20 - 2014-07-10 02:19 - 000397296 _____ () C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
2015-03-24 13:39 - 2010-10-26 06:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-06-01 12:18 - 2014-06-01 12:18 - 001396736 _____ () C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe
2014-06-01 12:18 - 2014-06-01 12:18 - 000046592 _____ () C:\Program Files (x86)\Codebox\BitMeter\cs\BitMeter2.resources.dll
2017-06-16 15:58 - 2017-11-13 16:38 - 000506064 _____ () C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2016-02-07 10:18 - 2017-02-08 13:39 - 000080576 _____ () C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2017-12-21 17:56 - 2016-09-13 15:00 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-12-21 17:56 - 2016-09-13 15:00 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-12-21 17:56 - 2016-09-13 15:00 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-12-21 17:56 - 2017-05-12 12:36 - 000507464 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-03-24 13:30 - 2013-09-16 21:20 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-12-17 17:30 - 2017-11-13 16:49 - 000085200 _____ () C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz\bin\6057libfoxloader.dll
2016-02-07 10:18 - 2018-02-21 11:36 - 000869584 _____ () C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2015-03-24 14:24 - 2014-07-04 06:35 - 000627672 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2014-07-04 21:35 - 2014-07-04 21:35 - 000016856 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
2016-11-29 00:38 - 2017-07-26 19:09 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7941 more sites.

IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\123simsen.com -> www.123simsen.com

There are 7941 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2018-10-03 17:02 - 000454695 ____R C:\windows\system32\Drivers\etc\hosts

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com

There are 15607 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-118406243-1781282106-884721309-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Michal Trnka\Pictures\desert.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\StartupApproved\Run: => "GSplay.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8882C182-F293-4362-8EDF-2B3C864B7CA1}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{3E66E595-FB1C-4DF7-9F3D-6DD32C732D69}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{C202077D-F6A6-4726-85A5-E1221C007413}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{A5AE4A9F-6110-4288-B19F-BEA5BC91EBA6}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{0FF8A70A-7348-4BA7-BB4A-13B5C24B338C}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{8D6AD4D4-A7B6-493D-A869-B8BEB7168A7A}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{C50CEF13-9E44-4D2F-A93C-06CEA4873342}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{05F56B72-0F68-4DD9-9A28-847C5E064240}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{14CD9214-B1B7-48B7-BC49-914E95F0A5F3}] => (Allow) LPort=55100
FirewallRules: [{C74134C7-ECCB-49CF-9B48-06677F7B70E5}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{6F78FD67-3724-4C9B-AE8D-19091FA1F8B9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8E7A4B2A-3BD5-45A1-B74A-3CD32257FE4A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C555C50A-AAE5-4568-9811-E820C5E4B700}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{2467C53E-981D-490E-B624-F3BF2756913B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{91257A06-30A4-4F1A-98B7-96C20AC76EDA}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{6691C86C-B336-465C-BC8F-0881B083EF12}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [TCP Query User{154409C6-B9AB-485E-9B7E-63A4B8C3CF7A}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{A31B5A19-F3AC-491B-8E20-F4C40A8A1482}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{FD0A3232-890A-40D4-957C-77B3C4D62721}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{40799D36-1776-4B1F-8A86-952E5318AC26}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1DA2E0E3-F412-47A7-9C66-D1C7965F329F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{28384F2A-E518-48A0-817F-F5D937491AEB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{AEF2DBF5-10B8-4C0E-A0C0-3A9FABEAD976}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{CD76CE10-5E6D-40AC-9D9C-0BD0F5F7426C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{4BEECFBB-DF7F-428A-9953-033574DCA439}C:\users\michal trnka\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\michal trnka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{D6861D6E-DAD3-4833-BF52-1B2038105BA2}C:\users\michal trnka\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\michal trnka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{4FA68D61-170B-429D-A6F9-0DD2E5CDC529}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{950DFF18-C3EE-43C6-92F2-E7F52BD07D4E}C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe] => (Allow) C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe
FirewallRules: [UDP Query User{70350928-9B6E-4D61-B487-6EDF8A497365}C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe] => (Allow) C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe
FirewallRules: [{66BC8F9A-3F71-4406-BFE6-89A23B9BEB88}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E0988024-6FEC-4443-84AC-50002888CCC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{47719F0B-2B4F-402F-A182-ADC7FBB32C9C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A3E5377F-AC09-4CF8-BB34-93A149B7013C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8A07FA8E-30A1-4161-97D2-AA157F763C8F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CD171CBC-B891-4C70-B2C2-E4ADE12692D5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{52B7BFD2-11B4-4BC6-BBCA-9B6CF133D8E4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{97B33E70-920A-433B-963A-FFA129EF9DC0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{502E9F97-99FD-4903-88CD-9D906802EB66}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CC4A1325-CF22-4748-B229-6922AED81ABC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{FC947667-8E9E-40D9-A76E-C4967D632B12}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [UDP Query User{2DB4FCC0-3EE6-43DD-AC09-E20AEB9E9B2C}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [TCP Query User{B2B00291-33AD-408A-8F46-C66AF7D2F548}C:\users\michal trnka\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\michal trnka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{1BF176D3-033C-479C-8651-3DADCACDC749}C:\users\michal trnka\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\michal trnka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{E9BEB7FD-CA16-44A7-B53C-097510297F8B}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{0EFFC477-3CCD-4DB9-AEA7-F31895072F32}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{C013215E-33B2-4AE5-9935-69A0DF5EFDE5}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
FirewallRules: [{27FE5B6E-ADAE-4D34-B4FB-6A4A057DBF80}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
FirewallRules: [TCP Query User{3E0F0578-8FD8-42E5-A1C3-7BE34F5FADBF}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [UDP Query User{4467A6FA-70F5-45EF-A4BE-5FDBC535D7EE}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [{86DB8A5D-6CDC-46FB-80DD-CB5FEAAD0EED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Eve Online\eve.exe
FirewallRules: [{CBA4C001-2D27-4785-8746-00910F67DD0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Eve Online\eve.exe
FirewallRules: [TCP Query User{0433BFC9-FBC6-49E2-AB69-BE1401E6EB5B}C:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe
FirewallRules: [UDP Query User{C1E4F8C4-BAC8-4DAE-A222-841160A721EB}C:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe
FirewallRules: [{671AC80C-D0B4-4711-9371-93C914529604}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{ED204C46-9238-49E8-BABD-459E4D49A169}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{6269DC4F-B548-47B7-BB55-195ADCCBD54D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Colony Survival\colonyclient.exe
FirewallRules: [{AFF5F86D-8DC9-44B4-A513-DC56D617B043}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Colony Survival\colonyclient.exe
FirewallRules: [TCP Query User{02963FEE-63EF-49BE-9766-9B054883B07F}C:\program files (x86)\steam\steamapps\common\colony survival\colonyserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\colony survival\colonyserver.exe
FirewallRules: [UDP Query User{EB26D7F0-1DB7-444E-B52B-2508E0B49F8D}C:\program files (x86)\steam\steamapps\common\colony survival\colonyserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\colony survival\colonyserver.exe
FirewallRules: [{C83E022D-7962-4703-9BC8-DCDB26D75D47}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{43CBAD47-05B7-4D81-A75B-5958A7B48A12}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{7430A91A-E2C5-4252-A9DB-595571B0D60C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{73D856DA-8D75-43D6-8946-0343913FDB16}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A2173970-5B04-4DBB-AFA9-DD57579423F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{69B44FD0-FFE9-4B58-B439-E895E8BE3675}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{5824C58C-4128-43CE-8397-47B575A232CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{F6BB7C96-F681-4BCA-B7C6-26086E2874D9}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{DAA9274E-DBB6-405A-8ACA-457A0EA54420}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{98DC56B5-E7FC-484B-A59A-8B214B0993F2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{28D97E34-530A-4B8C-8AA2-8E7CD4C17E90}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{6C1DECA4-48D6-4C7C-9030-4C6E4C44C4E3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{F1D7C20A-DF10-4138-A82E-51FEE1438DEC}C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe
FirewallRules: [UDP Query User{56E7416C-C786-460E-92E4-D75C3DA15681}C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

13-09-2018 16:11:52 Windows Update
03-10-2018 16:49:56 Removed VEGAS Pro 14.0 (64-bit)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/03/2018 06:10:32 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (09/21/2018 04:16:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostex (5772) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Michal Trnka\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1811 (0xfffff8ed).

Error: (09/18/2018 11:16:11 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex (4844) Pokus o otevření souboru C:\Users\Michal Trnka\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (09/05/2018 04:09:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://ctldl.windowsupdate.com/msdownlo ... ootstl.cab>. Došlo k chybě: The data is invalid.
.

Error: (09/01/2018 02:15:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SDScan.exe verze 2.6.46.181 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: e4c

Čas spuštění: 01d441c361de49aa

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

ID hlášení: b877f769-ade0-11e8-82cf-f4066995c7e2

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/22/2018 04:11:38 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (07/25/2018 05:52:58 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LeagueClientUx.exe verze 8.14.238.5230 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1dc0

Čas spuštění: 01d4235832920a62

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.156\deploy\LeagueClientUx.exe

ID hlášení: 373c4f7b-8fbe-11e8-82ca-f4066995c7e2

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (07/24/2018 04:48:22 AM) (Source: VSS) (EventID: 12292) (User: )
Description: Chyba služby Stínová kopie svazků: Při vytváření třídy zprostředkovatele stínové kopie modelu COM s identifikátorem CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
] došlo k chybě.


Operation:
Obtain a callable interface for this provider
Obtaining provider management interface

Context:
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Class ID: {00000000-0000-0000-0000-000000000000}
Snapshot Context: -1
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}


System errors:
=============
Error: (10/05/2018 05:02:29 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a45\??\C:\windows\AppCompat\Programs\Amcache.hve

Error: (10/05/2018 05:01:31 PM) (Source: DCOM) (EventID: 10010) (User: Vicitims)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/05/2018 05:01:01 PM) (Source: DCOM) (EventID: 10010) (User: Vicitims)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/05/2018 04:19:32 PM) (Source: DCOM) (EventID: 10010) (User: Vicitims)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/05/2018 04:19:02 PM) (Source: DCOM) (EventID: 10010) (User: Vicitims)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/04/2018 07:55:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/04/2018 05:42:10 PM) (Source: DCOM) (EventID: 10010) (User: Vicitims)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/04/2018 05:41:40 PM) (Source: DCOM) (EventID: 10010) (User: Vicitims)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2016-04-19 12:34:25.169
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {67A0CCA7-1029-47D4-B855-29301DC93CCA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-04-18 10:01:49.562
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D4F56292-1E00-476D-AFF7-D98BE3633714}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-04-18 09:51:34.108
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C2EC7603-7138-4EEC-8F27-A303A4DCCE7A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-04-17 16:22:01.912
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0DC26626-4907-4F46-A541-5F3C71B70C35}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-04-17 16:00:17.461
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {E58263C1-F066-420A-8AB6-DED3980A5D21}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2015-12-28 15:55:38.173
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.213.1120.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.12400.0
Kód chyby: 0x8024402c
Popis chyby :An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2015-12-27 09:49:36.103
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80073aba
Popis chyby: The resource is too old to be compatible.
Verze podpisu: 1.185.414.0;1.185.414.0
Verze modulu: 1.1.11005.0

CodeIntegrity:
===================================

Date: 2018-03-15 13:13:17.454
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-15 13:13:16.694
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-15 13:13:16.005
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-15 13:13:15.316
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-15 13:13:14.614
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-15 13:13:13.915
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-15 13:13:13.193
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-15 13:13:12.518
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 25%
Total physical RAM: 8084.27 MB
Available physical RAM: 6031.21 MB
Total Virtual: 9364.27 MB
Available Virtual: 7239.34 MB

==================== Drives ================================

Drive c: (Vicitims) (Fixed) (Total:889.87 GB) (Free:86.5 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.78 GB) NTFS

\\?\Volume{18e4ad6e-4d77-49f1-89b6-5978a1fd94d7}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.67 GB) NTFS
\\?\Volume{312a3243-1def-4ffe-b89a-7439d448913f}\ (PBR_DRV) (Fixed) (Total:14.31 GB) (Free:1.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DCAE6283)

Partition: GPT.

==================== End of Addition.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Pomoc s pc? prosím

#7 Příspěvek od Conder »

:arrow: Program Spybot je uz dnes zastaraly, neodporucame ho preto pouzivat.

:arrow: Dalej ak nepouzivas, odporucam odinstalovat Seznam Software (Seznam Listicka).

:arrow: Nasledne posli nove logy z FRST.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Vicitims
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 03 říj 2018 17:21

Re: Pomoc s pc? prosím

#8 Příspěvek od Vicitims »

Ahoj :) odinstaloval sem spybot i ty lišty akorád ted nemám nic na malware kdybys měl nějakou radu potom uvítám a tady sou ty logy


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.10.2018
Ran by MichalTrnka (administrator) on VICITIMS (08-10-2018 12:31:13)
Running from C:\Users\Michal Trnka\Desktop
Loaded Profiles: MichalTrnka (Available Profiles: MichalTrnka)
Platform: Windows 8.1 (Update) (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Lenovo) C:\Program Files\lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
() C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(BitTorrent Inc.) C:\Users\Michal Trnka\AppData\Roaming\uTorrent\uTorrent.exe
(BitTorrent Inc.) C:\Users\Michal Trnka\AppData\Roaming\uTorrent\updates\3.5.4_44632\utorrentie.exe
(BitTorrent Inc.) C:\Users\Michal Trnka\AppData\Roaming\uTorrent\updates\3.5.4_44632\utorrentie.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2013-12-23] (Realtek semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-15] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2015-03-24] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2015-03-24] (Lenovo(beijing) Limited)
HKLM\...\Run: [ShadowPlay] => "C:\windows\system32\rundll32.exe" C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2018-09-04] (ESET)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3207968 2018-09-08] (Valve Corporation)
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-08-24] (Piriform Ltd)
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\RunOnce: [Uninstall C:\Users\Michal Trnka\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michal Trnka\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\RunOnce: [SeznamInstall-uninstall:9499cc4ce2c9e261587a6733de1f6767] => C:\Users\Michal Trnka\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2018-10-08] () <==== ATTENTION
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {28b55dde-c238-11e7-82b3-f4066995c7e2} - "F:\Setup.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {28b55fe6-c238-11e7-82b3-f4066995c7e2} - "F:\Setup.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {28b560d3-c238-11e7-82b3-f4066995c7e2} - "F:\Setup.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {7a09b9f8-8272-11e5-8265-f4066995c7e2} - "F:\autorun.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {8e53c2e0-18b1-11e6-827f-f4066995c7e2} - "G:\autorun.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {c5c49785-50c1-11e6-8286-f4066995c7e2} - "I:\setup.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {df2f3ce1-2ee9-11e6-8280-f4066995c7e2} - "H:\setup.exe"
HKU\S-1-5-18\...\Run: [] => [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bitmeter2.lnk [2015-10-18]
ShortcutTarget: Bitmeter2.lnk -> C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe ()
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{5F1EC7F4-4608-4C58-9085-29C0F99A3485}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{F7075E92-B5C9-49D7-A648-DE816D87CF41}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-118406243-1781282106-884721309-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> DefaultScope {874A607E-B5C4-458D-93AA-20A552F0EB24} URL =
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> {874A607E-B5C4-458D-93AA-20A552F0EB24} URL =
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> {BB110623-C8AA-462A-B149-65D5C31508B8} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-07-31] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-31] (Oracle Corporation)

FireFox:
========
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-07-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-31] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default [2018-10-08]
CHR Extension: (Prezentace) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-09-06]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-09-08]
CHR Extension: (YouTube) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tabulky) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-19]
CHR Extension: (Skype) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-09-06]
CHR Extension: (Gmail) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-13]
CHR Extension: (Chrome Media Router) - C:\Users\Michal Trnka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-10] ()
R2 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [529056 2017-11-20] (EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2260144 2018-09-04] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2260144 2018-09-04] (ESET)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121304 2014-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [318568 2014-08-20] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-03-24] (Lenovo(beijing) Limited)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1880864 2018-02-13] (Maxthon)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-11-21] ()
S3 npggsvc; C:\windows\SysWOW64\GameMon.des [3611808 2015-07-22] (INCA Internet Co., Ltd.)
S2 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2147216 2017-05-07] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3116440 2017-05-07] (Electronic Arts)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76152 2016-04-17] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2015-03-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2013-11-21] (Intel® Corporation)
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\windows\System32\DRIVERS\atksgt.sys [310984 2016-08-09] ()
S3 avgTap; C:\windows\system32\DRIVERS\avgTap.sys [54888 2017-11-01] (The OpenVPN Project)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions, Inc.)
R3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1424184 2014-06-17] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\windows\System32\drivers\dtlitescsibus.sys [30264 2015-11-06] (Disc Soft Ltd)
R1 eamonm; C:\windows\System32\DRIVERS\eamonm.sys [141512 2018-09-04] (ESET)
R0 edevmon; C:\windows\System32\DRIVERS\edevmon.sys [109232 2018-09-04] (ESET)
S0 eelam; C:\windows\System32\DRIVERS\eelam.sys [15872 2018-09-04] (ESET)
R1 ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [188824 2018-09-04] (ESET)
R2 ekbdflt; C:\windows\system32\DRIVERS\ekbdflt.sys [50144 2018-09-04] (ESET)
R1 epfw; C:\windows\system32\DRIVERS\epfw.sys [82304 2018-09-04] (ESET)
R1 epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [109864 2018-09-04] (ESET)
S3 Hamachi; C:\windows\system32\DRIVERS\Hamdrv.sys [45680 2017-06-29] (LogMeIn Inc.)
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [220104 2014-08-07] (Intel Corporation)
R2 lirsgt; C:\windows\System32\DRIVERS\lirsgt.sys [42696 2016-08-09] ()
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S0 mfeelamk; C:\windows\System32\drivers\mfeelamk.sys [82072 2015-09-23] (McAfee, Inc.)
R3 NETwNb64; C:\windows\system32\DRIVERS\NETwbw02.sys [3609568 2013-12-25] (Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-07-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\windows\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\windows\System32\drivers\nvvhci.sys [57792 2017-02-23] (NVIDIA Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [9101016 2013-12-23] (Realtek Semiconductor Corp.)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11376 2016-07-23] () [File not signed]
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-12-24] (Synaptics Incorporated)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 AVFSFilter; \SystemRoot\system32\DRIVERS\avfsfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-08 12:31 - 2018-10-08 12:33 - 000022603 _____ C:\Users\Michal Trnka\Desktop\FRST.txt
2018-10-08 12:31 - 2018-10-08 12:31 - 000000000 ____D C:\Users\Michal Trnka\Desktop\FRST-OlderVersion
2018-10-08 12:06 - 2018-10-08 12:06 - 000000085 _____ C:\windows\wininit.ini
2018-10-08 11:50 - 2018-10-08 12:33 - 000000000 ____D C:\Users\Michal Trnka\Downloads\NARUTO_SHIPPUUDEN
2018-10-08 11:48 - 2018-10-08 11:48 - 000407183 _____ C:\Users\Michal Trnka\Downloads\Naruto Shippuuden 001-500 Czech SUB.torrent
2018-10-07 19:07 - 2018-10-07 19:07 - 000001586 _____ C:\Users\Michal Trnka\Desktop\vegas140 – zástupce.lnk
2018-10-07 19:04 - 2018-10-07 19:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS
2018-10-07 19:03 - 2018-10-07 19:03 - 000000000 ____D C:\Users\Michal Trnka\AppData\Local\VEGAS
2018-10-07 19:03 - 2018-10-07 19:03 - 000000000 ____D C:\Program Files (x86)\VEGAS
2018-10-07 18:56 - 2018-10-07 19:00 - 448942680 ____R C:\Users\Michal Trnka\Downloads\Sony Vegas Pro 14.0 Build 244 + patch - Crackingpatching.com.zip
2018-10-06 20:47 - 2018-10-06 20:48 - 018158751 _____ C:\Users\Michal Trnka\Downloads\michal.mp4
2018-10-06 19:06 - 2018-10-08 12:20 - 000000000 ____D C:\Users\Michal Trnka\AppData\LocalLow\uTorrent
2018-10-05 17:30 - 2018-10-08 12:31 - 002414592 _____ (Farbar) C:\Users\Michal Trnka\Desktop\FRST64.exe
2018-10-03 18:45 - 2018-10-03 18:49 - 000000000 ____D C:\AdwCleaner
2018-10-03 18:44 - 2018-10-03 18:44 - 007592144 _____ (Malwarebytes) C:\Users\Michal Trnka\Downloads\adwcleaner_7.2.4.0.exe
2018-10-03 18:02 - 2018-10-08 12:31 - 000000000 ____D C:\FRST
2018-10-03 17:57 - 2018-10-03 17:57 - 000001967 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2018-10-03 17:54 - 2018-10-03 17:54 - 000000000 ____D C:\Users\Michal Trnka\AppData\Local\ESET
2018-10-03 17:53 - 2018-10-03 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-10-03 17:53 - 2018-10-03 17:53 - 000000000 ____D C:\ProgramData\ESET
2018-10-03 17:53 - 2018-10-03 17:53 - 000000000 ____D C:\Program Files\ESET
2018-10-03 17:49 - 2018-10-03 17:49 - 004279416 _____ (ESET) C:\Users\Michal Trnka\Downloads\eset_internet_security_live_installer.exe
2018-10-03 17:02 - 2018-10-03 16:21 - 000454378 _____ C:\windows\system32\Drivers\etc\hosts.20181003-170257.backup
2018-10-03 16:34 - 2018-10-03 16:34 - 000000000 _____ C:\windows\SysWOW64\last.dump
2018-10-02 20:17 - 2018-10-02 20:17 - 000000968 _____ C:\Users\Public\Desktop\Bandicam.lnk
2018-10-02 20:17 - 2018-10-02 20:17 - 000000000 ____D C:\Program Files (x86)\Bandicam
2018-10-02 20:04 - 2018-10-02 20:04 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\BANDISOFT
2018-10-01 18:55 - 2018-10-01 19:37 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\obs-studio
2018-10-01 17:10 - 2018-10-01 17:10 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\Publish Providers
2018-10-01 17:10 - 2018-10-01 17:10 - 000000000 ____D C:\ProgramData\VEGAS Pro
2018-10-01 17:09 - 2018-10-01 17:09 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\VEGAS Pro
2018-10-01 17:09 - 2018-10-01 17:09 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\VEGAS
2018-10-01 17:09 - 2018-10-01 17:09 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\MAGIX
2018-10-01 17:09 - 2018-10-01 17:09 - 000000000 ____D C:\Users\Michal Trnka\AppData\Local\VEGAS Pro
2018-10-01 17:09 - 2018-10-01 17:09 - 000000000 ____D C:\Users\Michal Trnka\AppData\Local\Sony
2018-10-01 17:09 - 2018-10-01 17:09 - 000000000 ____D C:\ProgramData\Magix
2018-10-01 17:05 - 2018-10-07 19:03 - 000000000 ____D C:\ProgramData\VEGAS
2018-10-01 17:05 - 2018-10-01 17:05 - 000000000 ____D C:\Program Files\VEGAS
2018-10-01 17:04 - 2018-10-07 19:03 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\Sony
2018-09-12 21:30 - 2018-08-28 07:39 - 001491032 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2018-09-12 21:30 - 2018-08-28 05:46 - 001764408 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2018-09-12 21:30 - 2018-08-28 03:36 - 001311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2018-09-12 21:30 - 2018-08-28 03:36 - 000340480 _____ (Microsoft Corporation) C:\windows\SysWOW64\msexcl40.dll
2018-09-12 21:30 - 2018-08-24 01:05 - 025736704 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2018-09-12 21:30 - 2018-08-24 00:54 - 000289280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ks.sys
2018-09-12 21:30 - 2018-08-24 00:34 - 005779456 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2018-09-12 21:30 - 2018-08-23 23:40 - 001555456 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2018-09-12 21:30 - 2018-08-23 23:27 - 020279296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2018-09-12 21:30 - 2018-08-23 22:51 - 004494848 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2018-09-12 21:30 - 2018-08-23 22:27 - 001329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2018-09-12 21:30 - 2018-08-14 03:22 - 022374608 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2018-09-12 21:30 - 2018-08-14 03:19 - 019790752 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2018-09-12 21:30 - 2018-08-13 22:06 - 002530384 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2018-09-12 21:30 - 2018-08-13 22:03 - 001903744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2018-09-12 21:30 - 2018-08-13 21:32 - 001368680 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2018-09-12 21:30 - 2018-08-13 15:40 - 001754112 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2018-09-12 21:30 - 2018-08-13 15:39 - 001491968 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2018-09-12 21:30 - 2018-08-13 15:33 - 001085440 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2018-09-12 21:30 - 2018-08-12 21:23 - 007373544 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2018-09-12 21:30 - 2018-08-12 21:06 - 001676056 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2018-09-12 21:30 - 2018-08-12 21:06 - 001536120 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2018-09-12 21:30 - 2018-08-12 21:06 - 001500432 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2018-09-12 21:30 - 2018-08-12 21:06 - 001371352 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2018-09-12 21:30 - 2018-08-12 21:04 - 002451808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2018-09-12 21:30 - 2018-08-12 18:31 - 002347520 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2018-09-12 21:30 - 2018-08-12 18:06 - 001556480 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2018-09-12 21:30 - 2018-08-09 19:39 - 000113664 _____ (Microsoft Corporation) C:\windows\SysWOW64\t2embed.dll
2018-09-12 21:30 - 2018-08-09 18:41 - 000073728 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpsdrv.sys
2018-09-12 21:30 - 2018-08-09 18:39 - 000148992 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
2018-09-12 21:30 - 2018-07-29 15:44 - 001265664 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2018-09-12 21:30 - 2018-07-24 19:50 - 006522344 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
2018-09-12 21:30 - 2018-07-24 19:50 - 001488008 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2018-09-12 21:30 - 2018-07-24 19:50 - 000261408 _____ (Microsoft Corporation) C:\windows\system32\sppwinob.dll
2018-09-12 21:30 - 2018-07-24 15:45 - 000685056 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2018-09-12 21:30 - 2018-07-18 15:34 - 000101376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bowser.sys
2018-09-12 21:30 - 2018-07-06 19:14 - 000346112 _____ (Microsoft Corporation) C:\windows\system32\SessEnv.dll
2018-09-12 21:30 - 2018-07-06 18:22 - 000299520 _____ (Microsoft Corporation) C:\windows\SysWOW64\SessEnv.dll
2018-09-12 21:30 - 2018-07-06 01:17 - 001115648 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2018-09-12 21:30 - 2018-06-26 17:25 - 000425984 _____ (Microsoft Corporation) C:\windows\system32\PCPTpm12.dll
2018-09-12 21:30 - 2018-06-26 17:14 - 000367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\PCPTpm12.dll
2018-09-12 21:30 - 2018-06-21 15:31 - 001200640 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2018-09-12 21:30 - 2018-06-21 15:30 - 000868864 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2018-09-12 21:29 - 2018-08-24 00:43 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2018-09-12 21:29 - 2018-08-24 00:33 - 000794624 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2018-09-12 21:29 - 2018-08-24 00:08 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2018-09-12 21:29 - 2018-08-24 00:01 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2018-09-12 21:29 - 2018-08-24 00:00 - 015283712 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2018-09-12 21:29 - 2018-08-23 23:52 - 004510720 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2018-09-12 21:29 - 2018-08-23 23:28 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2018-09-12 21:29 - 2018-08-23 23:15 - 000497664 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2018-09-12 21:29 - 2018-08-23 23:06 - 000662016 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2018-09-12 21:29 - 2018-08-23 22:49 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2018-09-12 21:29 - 2018-08-23 22:48 - 013679616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2018-09-12 21:29 - 2018-08-23 22:44 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2018-09-12 21:29 - 2018-08-23 22:30 - 004037632 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2018-09-12 21:29 - 2018-08-23 22:24 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2018-09-12 21:29 - 2018-08-13 15:30 - 000043520 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf3216.dll
2018-09-12 21:29 - 2018-08-13 15:29 - 000057344 _____ (Microsoft Corporation) C:\windows\system32\mf3216.dll
2018-09-12 21:29 - 2018-08-09 19:40 - 000078336 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2018-09-12 21:29 - 2018-08-09 18:59 - 000543232 _____ (Microsoft Corporation) C:\windows\SysWOW64\FirewallAPI.dll
2018-09-12 21:29 - 2018-08-09 18:41 - 000096768 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2018-09-12 21:29 - 2018-06-21 15:24 - 000513456 _____ C:\windows\SysWOW64\locale.nls
2018-09-12 21:29 - 2018-06-21 15:24 - 000513456 _____ C:\windows\system32\locale.nls

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-08 12:33 - 2015-10-18 09:49 - 000000000 ____D C:\ProgramData\Bitmeter2
2018-10-08 12:32 - 2016-05-15 15:10 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\uTorrent
2018-10-08 12:32 - 2013-08-22 15:36 - 000000000 ____D C:\windows\Inf
2018-10-08 12:30 - 2018-03-20 00:03 - 000000000 ____D C:\Users\Michal Trnka\AppData\Local\CrashDumps
2018-10-08 12:25 - 2015-03-24 13:24 - 000000000 ____D C:\ProgramData\NVIDIA
2018-10-08 12:23 - 2015-11-06 18:51 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz
2018-10-08 12:15 - 2015-10-13 02:20 - 000003594 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-118406243-1781282106-884721309-1002
2018-10-08 12:13 - 2015-10-13 07:46 - 000000000 ____D C:\Program Files (x86)\Steam
2018-10-08 12:08 - 2013-08-22 16:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-10-08 12:07 - 2015-03-24 14:27 - 000016896 _____ C:\windows\system32\VfService.trf
2018-10-08 12:06 - 2017-12-21 17:56 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-10-08 12:00 - 2016-01-14 11:29 - 000000000 ____D C:\Program Files\Rockstar Games
2018-10-08 11:59 - 2017-10-12 18:45 - 000000000 ____D C:\Program Files (x86)\Aureria Classic
2018-10-08 11:59 - 2017-06-22 19:30 - 000000000 ____D C:\Program Files (x86)\Ekura
2018-10-08 11:59 - 2016-01-14 13:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2018-10-08 11:58 - 2015-03-24 13:30 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-10-08 11:54 - 2016-01-14 13:46 - 000000000 ____D C:\Users\Michal Trnka\AppData\Local\Rockstar Games
2018-10-08 11:53 - 2015-10-13 08:00 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-10-08 11:44 - 2016-01-20 17:28 - 000000000 ____D C:\Users\Michal Trnka\AppData\Local\Battle.net
2018-10-08 07:51 - 2018-08-15 19:17 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2018-10-08 07:33 - 2016-01-20 17:27 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-10-07 19:25 - 2017-09-23 14:08 - 000000000 ____D C:\Users\Michal Trnka\Desktop\GAMES
2018-10-04 18:59 - 2016-03-20 14:12 - 000000000 ____D C:\Users\Michal Trnka\Downloads\Hudba
2018-10-04 16:05 - 2018-02-21 22:48 - 000004128 _____ C:\windows\System32\Tasks\CCleaner Update
2018-10-03 18:51 - 2013-08-22 15:25 - 000262144 ___SH C:\windows\system32\config\BBI
2018-10-03 18:49 - 2016-01-15 18:58 - 000000000 ____D C:\ProgramData\BSD
2018-10-03 17:54 - 2013-08-22 17:36 - 000000000 ___HD C:\windows\ELAMBKUP
2018-10-03 16:49 - 2016-06-10 10:11 - 000000000 ____D C:\Users\Michal Trnka\AppData\Local\AvgSetupLog
2018-10-03 16:49 - 2015-11-06 18:54 - 000000000 ____D C:\Program Files (x86)\AVG
2018-10-03 16:49 - 2015-11-06 18:53 - 000000000 ____D C:\ProgramData\AVG
2018-10-03 16:44 - 2015-10-17 19:12 - 000000000 ___RD C:\Users\Michal Trnka\Desktop\sračky
2018-10-03 16:41 - 2017-01-10 19:46 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-10-03 16:39 - 2018-03-21 17:52 - 000501552 _____ C:\windows\system32\FNTCACHE.DAT
2018-10-03 16:39 - 2015-11-06 18:54 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\AVG
2018-10-01 19:21 - 2016-02-07 10:18 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\vlc
2018-10-01 16:02 - 2016-03-20 14:14 - 000000000 ____D C:\Users\Michal Trnka\Downloads\Filmy
2018-09-23 03:32 - 2017-07-27 01:53 - 000003184 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-118406243-1781282106-884721309-1002
2018-09-23 03:32 - 2016-04-23 18:21 - 000002351 _____ C:\Users\Michal Trnka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2018-09-18 16:16 - 2017-12-23 10:46 - 000002212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-18 16:16 - 2017-12-23 10:46 - 000002171 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-09-17 05:54 - 2016-11-29 00:40 - 000003852 _____ C:\windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-17 05:54 - 2016-11-29 00:38 - 000003738 _____ C:\windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-17 05:54 - 2016-11-29 00:38 - 000003494 _____ C:\windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-17 05:53 - 2018-07-03 19:57 - 000003608 _____ C:\windows\System32\Tasks\Maxthon5 Update
2018-09-17 05:53 - 2017-04-01 07:20 - 000003082 _____ C:\windows\System32\Tasks\{EBA6E84E-0B5E-4A9A-9077-71B825860688}
2018-09-17 05:53 - 2015-03-24 14:26 - 000003056 _____ C:\windows\System32\Tasks\PDVDServ Task
2018-09-17 05:53 - 2015-03-24 13:32 - 000002990 _____ C:\windows\System32\Tasks\Synaptics TouchPad Enhancements
2018-09-16 12:06 - 2017-12-23 10:45 - 000003258 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-09-14 20:37 - 2013-08-22 17:36 - 000000000 ____D C:\windows\rescache
2018-09-14 05:55 - 2013-08-22 17:36 - 000000000 ___RD C:\windows\ToastData
2018-09-13 16:24 - 2013-08-22 17:20 - 000000000 ____D C:\windows\CbsTemp
2018-09-13 16:16 - 2015-12-11 15:36 - 000000000 ____D C:\windows\system32\MRT
2018-09-13 16:13 - 2015-10-14 07:26 - 139184408 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-09-10 16:12 - 2015-11-06 20:47 - 000000000 ____D C:\Program Files\CCleaner

==================== Files in the root of some directories =======

2016-08-01 03:08 - 2016-08-01 03:08 - 000000010 _____ () C:\Users\Michal Trnka\AppData\Roaming\dmcusername.file
2016-08-01 03:08 - 2016-08-01 03:08 - 000000000 _____ () C:\Users\Michal Trnka\AppData\Roaming\pof.exact
2018-01-14 21:16 - 2018-01-14 21:16 - 000001475 _____ () C:\Users\Michal Trnka\AppData\Local\recently-used.xbel

Files to move or delete:
====================
C:\Users\Michal Trnka\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


Some files in TEMP:
====================
2018-10-08 12:23 - 2018-10-08 12:23 - 000534528 _____ () C:\Users\Michal Trnka\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-10-02 18:16

==================== End of FRST.txt ============================





Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.10.2018
Ran by MichalTrnka (08-10-2018 12:33:57)
Running from C:\Users\Michal Trnka\Desktop
Windows 8.1 (Update) (X64) (2015-10-13 00:12:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-118406243-1781282106-884721309-500 - Administrator - Disabled)
Guest (S-1-5-21-118406243-1781282106-884721309-501 - Limited - Disabled)
MichalTrnka (S-1-5-21-118406243-1781282106-884721309-1002 - Administrator - Enabled) => C:\Users\Michal Trnka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\uTorrent) (Version: 3.5.4.44632 - BitTorrent Inc.)
Aktualizace NVIDIA 27.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 27.1.0.0 - NVIDIA Corporation) Hidden
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 376.09 - NVIDIA Corporation) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.1.0.1064 - Bandisoft.com)
Banished (HKLM-x32\...\1207660783_is1) (Version: 2.5.0.9 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitMeter (HKLM-x32\...\BitMeter) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.0.3.4 - Lenovo)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.50 - Conexant)
Counter-Strike 1.6 (HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\Counter-Strike 1.6) (Version: - )
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4505 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dependency Package Update (HKLM-x32\...\{3117B53D-A409-4D99-A0DE-11A1A40696FA}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5B2190E9-199D-450A-94B3-4D6826C770C2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{E966DBE4-5075-465E-BA81-BC9A3A3204B3}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Download Manager (HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\e10685ec571b7282) (Version: 4.0.0.18 - Also Digital B.V.)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo)
ESET Security (HKLM\...\{0813F772-F554-4DA9-9CEA-ABCE6321BDFD}) (Version: 11.2.63.0 - ESET, spol. s r.o.)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Gameforge Live 2.0.13 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.13 - Gameforge)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Gothic II Gold (HKLM-x32\...\{8B95673D-2D4C-4216-ADA2-3660973700BF}) (Version: 1.00.0000 - CD Projekt) Hidden
Gothic II Gold (HKLM-x32\...\InstallShield_{8B95673D-2D4C-4216-ADA2-3660973700BF}) (Version: 1.00.0000 - CD Projekt)
Gothic III (HKLM-x32\...\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}) (Version: 1.0.0 - JoWooD Productions Software AG)
Heroes of Might & Magic V: Hammers of Fate (HKLM-x32\...\{07BE4679-4318-4413-9701-B3D91354F10C}) (Version: - )
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version: - )
Heroes of Might and Magic V (HKLM-x32\...\{8829DAD4-8F07-4A96-B995-15498EBB8045}) (Version: - )
Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.91 - Riot Games, Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3910 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.1.1431.1) (HKLM\...\{302600C1-6BDF-4FD1-1407-148929CC1385}) (Version: 17.1.1407.0480 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{eff1d9d1-41fa-49ef-a986-082bfe49c293}) (Version: 16.8.0 - Intel Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 172 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
KClip 1.0.2 VST x64 Demo version 1.0.2 (HKLM-x32\...\{64DAC5E3-1149-43BD-92CB-64D84F92C0CB}_is1) (Version: 1.0.2 - Kazrog LLC)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.1.2 - PandoraTV)
League of Legends (HKLM-x32\...\{6FEDADF5-40EC-4E18-A376-0FDBACE65338}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10256 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.2.2000 - Maxthon International Limited)
Metin2 (HKLM-x32\...\Metin2_CZ_is1) (Version: - Gameforge 4D GmbH)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft OneDrive (HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NVIDIA GeForce Experience 3.8.0.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.8.0.89 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 376.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.09 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
OpenOffice 4.1.4 (HKLM-x32\...\{726F81BD-FECF-412D-917B-F237CD6C8FFE}) (Version: 4.14.9787 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.9.38188 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 376.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.09 - NVIDIA Corporation) Hidden
Phone Nokia USB Driver (HKLM-x32\...\{7F1C627F-7F07-4B51-B50F-FF8C64881D6E}) (Version: 1.1.0 - Mobile)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Rise of Nations: Extended Edition (HKLM-x32\...\Rise of Nations: Extended Edition_is1) (Version: - Microsoft Studios)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.28 (HKLM-x32\...\Skype_is1) (Version: 8.28 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.74 - Synaptics Incorporated)
TeamSpeak 3 Client (HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\TeamSpeak 3 Client) (Version: 3.1.9 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com)
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.2.7 - Lenovo)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{B926966E-0517-11E7-9D65-C2A106E0D44C}) (Version: 14.0.244 - VEGAS)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
VLC MEDIA player cz plna verze zdarma 2013 version for Windows (HKLM-x32\...\{6AE0F474-EC64-21CF-4936-B40E009DEC8D}_is1) (Version: for Windows - )
Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Winrar 4.11_64bit_32_bit+full+cz version for Windows (HKLM-x32\...\{A9B1D15A-58A6-6A5A-525C-33F3BFE7819C}_is1) (Version: for Windows - )
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Zaklínač - Rozšířená edice (HKLM-x32\...\{86ACE727-A4F2-4B28-A37D-254D9CC03156}) (Version: 1.5 - CD Projekt Red)
Zaklínač (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.00.0000 - CD Projekt Red)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-118406243-1781282106-884721309-1002_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-118406243-1781282106-884721309-1002_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-118406243-1781282106-884721309-1002_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-118406243-1781282106-884721309-1002_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-118406243-1781282106-884721309-1002_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-118406243-1781282106-884721309-1002_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-28] (Cyberlink)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-09-04] (ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-28] (Cyberlink)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-09-04] (ESET)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2014-08-20] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\system32\nvshext.dll [2016-11-24] (NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-09-04] (ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {038E31AC-D811-40D9-828C-C0069E56D5C1} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-07-26] (NVIDIA Corporation)
Task: {05043A26-B997-4CCC-BE00-F294A822232E} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
Task: {0EA1A0E8-E26E-46B8-8873-70CBE964EA0B} - System32\Tasks\Maxthon5 Update => C:\Program Files (x86)\Maxthon\bin\Maxthon.exe [2017-11-16] (Maxthon International ltd.)
Task: {18A9FCAD-828C-44B5-80D3-058B2FD371E9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2018-09-13] (Microsoft Corporation)
Task: {1BA14702-5C69-438B-BB65-38633E55FA6F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\Overseer.exe [2018-10-02] (AVAST Software)
Task: {2217115B-C126-496C-81A0-66AD93BC269F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {2FB3EA56-DAB2-4E85-8BD2-D4AB9FB4E464} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-08-24] (Piriform Ltd)
Task: {32D6206A-AE54-4DE6-A1B3-46A35707C17A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-07-26] (NVIDIA Corporation)
Task: {38A123D7-AD23-423F-830C-6320E9F19170} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {3A6F5B05-FD34-4F56-8B45-4E2C5C986252} - System32\Tasks\{42902C30-0FF3-4E86-96B9-BA3B7E1DAFC6} => C:\windows\system32\pcalua.exe -a "C:\Users\Michal Trnka\Desktop\wow\Wow.exe" -d "C:\Users\Michal Trnka\Desktop\wow"
Task: {4466DF7B-36C9-40AB-B538-82D3822910A4} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {4C121636-6B35-476D-AB3A-FCF2D3F9093F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-07-26] (NVIDIA Corporation)
Task: {5336F57B-1FCE-4DA0-A784-FF893CCE1E22} - System32\Tasks\{EBA6E84E-0B5E-4A9A-9077-71B825860688} => c:\program files (x86)\maxthon\bin\maxthon.exe [2017-11-16] (Maxthon International ltd.)
Task: {7155847B-CCE6-4A03-911C-F6D06C28C185} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)
Task: {7AC0C181-1D4D-44A7-B4B0-DAF42E92B00E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {7E739518-9545-4D43-BCC2-B7D56A0551C4} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
Task: {7FAEBC26-90AC-4083-9ABC-A5A77A5330C4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-23] (Google Inc.)
Task: {9D5EAA59-4244-4C78-8938-8DB34A9D7EEC} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2017-11-16] (Maxthon International ltd.)
Task: {B17E3DD0-FDD7-4067-9B92-CA1D6E1C2F31} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-07-07] (Oracle Corporation)
Task: {B4584683-AD86-4A76-AA17-2C4A0F6B3C25} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-08-24] (Piriform Ltd)
Task: {BCA7836D-16E6-493A-A646-7DDCDCC37BB3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-23] (Google Inc.)
Task: {C24D3C10-067C-46BD-95B6-E28526208BC6} - System32\Tasks\{4492A76E-DA26-4316-BBDC-71F74815561D} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\Risen CZ\bin\Risen.exe" -d "C:\Program Files (x86)\Risen CZ\bin\"
Task: {C4B349AA-3735-4A2F-A498-B421D13D15B6} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-24] (Synaptics Incorporated)
Task: {DB376A47-B68E-415E-A5AE-38B3FD70553F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-07-26] (NVIDIA Corporation)
Task: {E2CAF684-14BF-45D4-ACBB-0068002A57F6} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-10-02] (AVG Technologies CZ, s.r.o.)
Task: {FB8D9713-3BE6-4DD5-B2B0-286E0EB3E6E1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-11-29 00:38 - 2017-07-26 19:09 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-03-24 13:24 - 2016-11-24 21:39 - 000133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-17 17:55 - 2016-04-17 18:07 - 000076152 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2015-03-24 14:27 - 2015-03-24 14:27 - 000068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2015-03-24 14:27 - 2015-03-24 14:27 - 000669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2015-03-24 13:39 - 2010-10-26 06:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-06-01 12:18 - 2014-06-01 12:18 - 001396736 _____ () C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe
2014-06-01 12:18 - 2014-06-01 12:18 - 000046592 _____ () C:\Program Files (x86)\Codebox\BitMeter\cs\BitMeter2.resources.dll
2015-03-24 14:20 - 2014-07-10 02:19 - 000592880 _____ () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
2015-03-24 14:20 - 2014-07-10 02:19 - 000397296 _____ () C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
2018-08-24 20:37 - 2018-08-24 20:37 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2015-03-24 14:24 - 2014-07-04 06:35 - 000627672 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2014-07-04 21:35 - 2014-07-04 21:35 - 000016856 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
2015-03-24 13:30 - 2013-09-16 21:20 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-11-29 00:38 - 2017-07-26 19:09 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7941 more sites.

IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\123simsen.com -> www.123simsen.com

There are 7941 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2018-10-03 17:02 - 000454695 ____R C:\windows\system32\Drivers\etc\hosts

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com

There are 15607 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-118406243-1781282106-884721309-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Michal Trnka\Pictures\desert.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\StartupApproved\Run: => "GSplay.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8882C182-F293-4362-8EDF-2B3C864B7CA1}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{3E66E595-FB1C-4DF7-9F3D-6DD32C732D69}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{C202077D-F6A6-4726-85A5-E1221C007413}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{A5AE4A9F-6110-4288-B19F-BEA5BC91EBA6}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{0FF8A70A-7348-4BA7-BB4A-13B5C24B338C}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{8D6AD4D4-A7B6-493D-A869-B8BEB7168A7A}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{C50CEF13-9E44-4D2F-A93C-06CEA4873342}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{05F56B72-0F68-4DD9-9A28-847C5E064240}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{14CD9214-B1B7-48B7-BC49-914E95F0A5F3}] => (Allow) LPort=55100
FirewallRules: [{C74134C7-ECCB-49CF-9B48-06677F7B70E5}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{6F78FD67-3724-4C9B-AE8D-19091FA1F8B9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8E7A4B2A-3BD5-45A1-B74A-3CD32257FE4A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{154409C6-B9AB-485E-9B7E-63A4B8C3CF7A}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{A31B5A19-F3AC-491B-8E20-F4C40A8A1482}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{FD0A3232-890A-40D4-957C-77B3C4D62721}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{40799D36-1776-4B1F-8A86-952E5318AC26}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1DA2E0E3-F412-47A7-9C66-D1C7965F329F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{28384F2A-E518-48A0-817F-F5D937491AEB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{4BEECFBB-DF7F-428A-9953-033574DCA439}C:\users\michal trnka\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\michal trnka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{D6861D6E-DAD3-4833-BF52-1B2038105BA2}C:\users\michal trnka\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\michal trnka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{4FA68D61-170B-429D-A6F9-0DD2E5CDC529}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{950DFF18-C3EE-43C6-92F2-E7F52BD07D4E}C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe] => (Allow) C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe
FirewallRules: [UDP Query User{70350928-9B6E-4D61-B487-6EDF8A497365}C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe] => (Allow) C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe
FirewallRules: [{66BC8F9A-3F71-4406-BFE6-89A23B9BEB88}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E0988024-6FEC-4443-84AC-50002888CCC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{47719F0B-2B4F-402F-A182-ADC7FBB32C9C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A3E5377F-AC09-4CF8-BB34-93A149B7013C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8A07FA8E-30A1-4161-97D2-AA157F763C8F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CD171CBC-B891-4C70-B2C2-E4ADE12692D5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{52B7BFD2-11B4-4BC6-BBCA-9B6CF133D8E4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{97B33E70-920A-433B-963A-FFA129EF9DC0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{502E9F97-99FD-4903-88CD-9D906802EB66}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CC4A1325-CF22-4748-B229-6922AED81ABC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{FC947667-8E9E-40D9-A76E-C4967D632B12}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [UDP Query User{2DB4FCC0-3EE6-43DD-AC09-E20AEB9E9B2C}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [TCP Query User{B2B00291-33AD-408A-8F46-C66AF7D2F548}C:\users\michal trnka\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\michal trnka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{1BF176D3-033C-479C-8651-3DADCACDC749}C:\users\michal trnka\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\michal trnka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{E9BEB7FD-CA16-44A7-B53C-097510297F8B}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{0EFFC477-3CCD-4DB9-AEA7-F31895072F32}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{C013215E-33B2-4AE5-9935-69A0DF5EFDE5}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
FirewallRules: [{27FE5B6E-ADAE-4D34-B4FB-6A4A057DBF80}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
FirewallRules: [TCP Query User{0433BFC9-FBC6-49E2-AB69-BE1401E6EB5B}C:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe
FirewallRules: [UDP Query User{C1E4F8C4-BAC8-4DAE-A222-841160A721EB}C:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe
FirewallRules: [TCP Query User{02963FEE-63EF-49BE-9766-9B054883B07F}C:\program files (x86)\steam\steamapps\common\colony survival\colonyserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\colony survival\colonyserver.exe
FirewallRules: [UDP Query User{EB26D7F0-1DB7-444E-B52B-2508E0B49F8D}C:\program files (x86)\steam\steamapps\common\colony survival\colonyserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\colony survival\colonyserver.exe
FirewallRules: [{C83E022D-7962-4703-9BC8-DCDB26D75D47}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{43CBAD47-05B7-4D81-A75B-5958A7B48A12}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{7430A91A-E2C5-4252-A9DB-595571B0D60C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{73D856DA-8D75-43D6-8946-0343913FDB16}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A2173970-5B04-4DBB-AFA9-DD57579423F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{69B44FD0-FFE9-4B58-B439-E895E8BE3675}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{5824C58C-4128-43CE-8397-47B575A232CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{F6BB7C96-F681-4BCA-B7C6-26086E2874D9}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{DAA9274E-DBB6-405A-8ACA-457A0EA54420}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{98DC56B5-E7FC-484B-A59A-8B214B0993F2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{28D97E34-530A-4B8C-8AA2-8E7CD4C17E90}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{6C1DECA4-48D6-4C7C-9030-4C6E4C44C4E3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{F1D7C20A-DF10-4138-A82E-51FEE1438DEC}C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe
FirewallRules: [UDP Query User{56E7416C-C786-460E-92E4-D75C3DA15681}C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe

==================== Restore Points =========================

13-09-2018 16:11:52 Windows Update
03-10-2018 16:49:56 Removed VEGAS Pro 14.0 (64-bit)
08-10-2018 11:54:57 Removed Grand Theft Auto V

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/08/2018 12:23:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: sznpp_64.exe, verze: 2.1.32.0, časové razítko: 0x5ae9c366
Název chybujícího modulu: sznpp_64.exe, verze: 2.1.32.0, časové razítko: 0x5ae9c366
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000140dc
ID chybujícího procesu: 0xbb0
Čas spuštění chybující aplikace: 0x01d45ef0f998892c
Cesta k chybující aplikaci: C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz\bin\sznpp_64.exe
Cesta k chybujícímu modulu: C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz\bin\sznpp_64.exe
ID zprávy: 3d94578a-cae4-11e8-82d3-f4066995c7e2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/03/2018 06:10:32 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (09/21/2018 04:16:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostex (5772) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Michal Trnka\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1811 (0xfffff8ed).

Error: (09/18/2018 11:16:11 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex (4844) Pokus o otevření souboru C:\Users\Michal Trnka\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (09/05/2018 04:09:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://ctldl.windowsupdate.com/msdownlo ... ootstl.cab>. Došlo k chybě: The data is invalid.
.

Error: (09/01/2018 02:15:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SDScan.exe verze 2.6.46.181 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: e4c

Čas spuštění: 01d441c361de49aa

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

ID hlášení: b877f769-ade0-11e8-82cf-f4066995c7e2

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/22/2018 04:11:38 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (07/25/2018 05:52:58 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LeagueClientUx.exe verze 8.14.238.5230 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1dc0

Čas spuštění: 01d4235832920a62

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.156\deploy\LeagueClientUx.exe

ID hlášení: 373c4f7b-8fbe-11e8-82ca-f4066995c7e2

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (10/08/2018 12:09:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (10/08/2018 12:09:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Origin Web Helper Service bylo dosaženo časového limitu (30000 ms).

Error: (10/08/2018 09:40:26 AM) (Source: DCOM) (EventID: 10010) (User: Vicitims)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/08/2018 09:39:56 AM) (Source: DCOM) (EventID: 10010) (User: Vicitims)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/08/2018 09:30:04 AM) (Source: DCOM) (EventID: 10010) (User: Vicitims)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/08/2018 09:29:33 AM) (Source: DCOM) (EventID: 10010) (User: Vicitims)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/08/2018 08:37:51 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a45\??\C:\windows\AppCompat\Programs\Amcache.hve

Error: (10/08/2018 07:42:52 AM) (Source: DCOM) (EventID: 10010) (User: Vicitims)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2016-04-19 12:34:25.169
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {67A0CCA7-1029-47D4-B855-29301DC93CCA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-04-18 10:01:49.562
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D4F56292-1E00-476D-AFF7-D98BE3633714}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-04-18 09:51:34.108
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C2EC7603-7138-4EEC-8F27-A303A4DCCE7A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-04-17 16:22:01.912
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0DC26626-4907-4F46-A541-5F3C71B70C35}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-04-17 16:00:17.461
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {E58263C1-F066-420A-8AB6-DED3980A5D21}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2015-12-28 15:55:38.173
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.213.1120.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.12400.0
Kód chyby: 0x8024402c
Popis chyby :An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2015-12-27 09:49:36.103
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80073aba
Popis chyby: The resource is too old to be compatible.
Verze podpisu: 1.185.414.0;1.185.414.0
Verze modulu: 1.1.11005.0

CodeIntegrity:
===================================

Date: 2018-03-15 13:13:17.454
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-15 13:13:16.694
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-15 13:13:16.005
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-15 13:13:15.316
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-15 13:13:14.614
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-15 13:13:13.915
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-15 13:13:13.193
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-15 13:13:12.518
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 29%
Total physical RAM: 8084.27 MB
Available physical RAM: 5738.75 MB
Total Virtual: 9364.27 MB
Available Virtual: 7373.27 MB

==================== Drives ================================

Drive c: (Vicitims) (Fixed) (Total:889.87 GB) (Free:204.16 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.78 GB) NTFS

\\?\Volume{18e4ad6e-4d77-49f1-89b6-5978a1fd94d7}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.67 GB) NTFS
\\?\Volume{312a3243-1def-4ffe-b89a-7439d448913f}\ (PBR_DRV) (Fixed) (Total:14.31 GB) (Free:1.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DCAE6283)

Partition: GPT.

==================== End of Addition.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Pomoc s pc? prosím

#9 Příspěvek od Conder »

:arrow: Podla logov tam bezi ESET, co je vcelku kvalitny AV.

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll
    File: C:\Program Files\Intel\iCLS Client\HeciServer.exe
    File: C:\Windows\SysWow64\Drivers\secdrv.sys
    
    HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\RunOnce: [Uninstall C:\Users\Michal Trnka\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michal Trnka\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
    HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\RunOnce: [SeznamInstall-uninstall:9499cc4ce2c9e261587a6733de1f6767] => C:\Users\Michal Trnka\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2018-10-08] () <==== ATTENTION
    HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {28b55dde-c238-11e7-82b3-f4066995c7e2} - "F:\Setup.exe" 
    HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {28b55fe6-c238-11e7-82b3-f4066995c7e2} - "F:\Setup.exe" 
    HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {28b560d3-c238-11e7-82b3-f4066995c7e2} - "F:\Setup.exe" 
    HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {7a09b9f8-8272-11e5-8265-f4066995c7e2} - "F:\autorun.exe" 
    HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {8e53c2e0-18b1-11e6-827f-f4066995c7e2} - "G:\autorun.exe" 
    HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {c5c49785-50c1-11e6-8286-f4066995c7e2} - "I:\setup.exe" 
    HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {df2f3ce1-2ee9-11e6-8280-f4066995c7e2} - "H:\setup.exe" 
    HKU\S-1-5-18\...\Run: [] => [X]
    BootExecute: autocheck autochk * sdnclean64.exe
    HKU\S-1-5-21-118406243-1781282106-884721309-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> DefaultScope {874A607E-B5C4-458D-93AA-20A552F0EB24} URL = 
    SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> {874A607E-B5C4-458D-93AA-20A552F0EB24} URL = 
    S3 AVFSFilter; \SystemRoot\system32\DRIVERS\avfsfilter.sys [X]
    2018-10-08 12:31 - 2018-10-08 12:31 - 000000000 ____D C:\Users\Michal Trnka\Desktop\FRST-OlderVersion
    2018-10-03 16:34 - 2018-10-03 16:34 - 000000000 _____ C:\windows\SysWOW64\last.dump
    2018-10-08 12:23 - 2015-11-06 18:51 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz
    2018-10-08 12:06 - 2017-12-21 17:56 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
    2016-08-01 03:08 - 2016-08-01 03:08 - 000000000 _____ () C:\Users\Michal Trnka\AppData\Roaming\pof.exact
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
    Task: {2217115B-C126-496C-81A0-66AD93BC269F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
    C:\Program Files (x86)\Seznam.cz
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Vicitims
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 03 říj 2018 17:21

Re: Pomoc s pc? prosím

#10 Příspěvek od Vicitims »

ahoj tak tady to je.... mužu jen poprosit o stričné info co jsem právě ted dělal? :roll: nemám tucha :D



Fix result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by MichalTrnka (10-10-2018 14:50:11) Run:1
Running from C:\Users\Michal Trnka\Desktop
Loaded Profiles: MichalTrnka (Available Profiles: MichalTrnka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll
File: C:\Program Files\Intel\iCLS Client\HeciServer.exe
File: C:\Windows\SysWow64\Drivers\secdrv.sys

HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\RunOnce: [Uninstall C:\Users\Michal Trnka\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michal Trnka\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\RunOnce: [SeznamInstall-uninstall:9499cc4ce2c9e261587a6733de1f6767] => C:\Users\Michal Trnka\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2018-10-08] () <==== ATTENTION
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {28b55dde-c238-11e7-82b3-f4066995c7e2} - "F:\Setup.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {28b55fe6-c238-11e7-82b3-f4066995c7e2} - "F:\Setup.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {28b560d3-c238-11e7-82b3-f4066995c7e2} - "F:\Setup.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {7a09b9f8-8272-11e5-8265-f4066995c7e2} - "F:\autorun.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {8e53c2e0-18b1-11e6-827f-f4066995c7e2} - "G:\autorun.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {c5c49785-50c1-11e6-8286-f4066995c7e2} - "I:\setup.exe"
HKU\S-1-5-21-118406243-1781282106-884721309-1002\...\MountPoints2: {df2f3ce1-2ee9-11e6-8280-f4066995c7e2} - "H:\setup.exe"
HKU\S-1-5-18\...\Run: [] => [X]
BootExecute: autocheck autochk * sdnclean64.exe
HKU\S-1-5-21-118406243-1781282106-884721309-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> DefaultScope {874A607E-B5C4-458D-93AA-20A552F0EB24} URL =
SearchScopes: HKU\S-1-5-21-118406243-1781282106-884721309-1002 -> {874A607E-B5C4-458D-93AA-20A552F0EB24} URL =
S3 AVFSFilter; \SystemRoot\system32\DRIVERS\avfsfilter.sys [X]
2018-10-08 12:31 - 2018-10-08 12:31 - 000000000 ____D C:\Users\Michal Trnka\Desktop\FRST-OlderVersion
2018-10-03 16:34 - 2018-10-03 16:34 - 000000000 _____ C:\windows\SysWOW64\last.dump
2018-10-08 12:23 - 2015-11-06 18:51 - 000000000 ____D C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz
2018-10-08 12:06 - 2017-12-21 17:56 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-08-01 03:08 - 2016-08-01 03:08 - 000000000 _____ () C:\Users\Michal Trnka\AppData\Roaming\pof.exact
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {2217115B-C126-496C-81A0-66AD93BC269F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
C:\Program Files (x86)\Seznam.cz

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 1104
Average :
Sum : 3519908397
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll ========================

C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll
File is digitally signed
MD5: C748F4B061463EA33C097AE18315F3E2
Creation and modification date: 2014-06-27 06:35 - 2014-06-27 06:35
Size: 007822136
Attributes: ----A
Company Name: Motorola Solutions, Inc.
Internal Name: btmshell
Original Name: btmshellex.dll
Product: Intel(R) Wireless Bluetooth(R)
Description: Bluetooth Shell Extension
File Version: 17.1.1407.0476
Product Version: 17.1.1407.0476
Copyright: Copyright 2014 Motorola Solutions, Inc.
VirusTotal: https://www.virustotal.com/file/f2f0d60 ... 538067407/

====== End of File: ======


========================= File: C:\Program Files\Intel\iCLS Client\HeciServer.exe ========================

C:\Program Files\Intel\iCLS Client\HeciServer.exe
File not signed
MD5: DAE6C3099D291EED8922A65C29ABCF52
Creation and modification date: 2013-08-27 23:32 - 2013-08-27 23:32
Size: 000747520
Attributes: ----A
Company Name: Intel(R) Corporation
Internal Name: HeciServer
Original Name: HeciServer.exe
Product: Intel(R) Capability Licensing Service Interface
Description: Intel(R) Capability Licensing Service Interface
File Version: 1.31.8.1 sys_sysscbld
Product Version: 1,31,8,1
Copyright: (C) Copyright Intel(R) Corporation
VirusTotal: https://www.virustotal.com/file/ad0a932 ... 539093080/

====== End of File: ======


========================= File: C:\Windows\SysWow64\Drivers\secdrv.sys ========================

C:\Windows\SysWow64\Drivers\secdrv.sys
File not signed
MD5: C71394D99A04CA76484492F590C9CBA5
Creation and modification date: 2016-07-23 12:38 - 2016-07-23 12:26
Size: 000011376
Attributes: ---RA
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/f6c280a ... 537601005/

====== End of File: ======

"HKU\S-1-5-21-118406243-1781282106-884721309-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\Michal Trnka\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" => removed successfully
"HKU\S-1-5-21-118406243-1781282106-884721309-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SeznamInstall-uninstall:9499cc4ce2c9e261587a6733de1f6767" => removed successfully
HKU\S-1-5-21-118406243-1781282106-884721309-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{28b55dde-c238-11e7-82b3-f4066995c7e2} => removed successfully
HKLM\Software\Classes\CLSID\{28b55dde-c238-11e7-82b3-f4066995c7e2} => not found
HKU\S-1-5-21-118406243-1781282106-884721309-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{28b55fe6-c238-11e7-82b3-f4066995c7e2} => removed successfully
HKLM\Software\Classes\CLSID\{28b55fe6-c238-11e7-82b3-f4066995c7e2} => not found
HKU\S-1-5-21-118406243-1781282106-884721309-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{28b560d3-c238-11e7-82b3-f4066995c7e2} => removed successfully
HKLM\Software\Classes\CLSID\{28b560d3-c238-11e7-82b3-f4066995c7e2} => not found
HKU\S-1-5-21-118406243-1781282106-884721309-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7a09b9f8-8272-11e5-8265-f4066995c7e2} => removed successfully
HKLM\Software\Classes\CLSID\{7a09b9f8-8272-11e5-8265-f4066995c7e2} => not found
HKU\S-1-5-21-118406243-1781282106-884721309-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8e53c2e0-18b1-11e6-827f-f4066995c7e2} => removed successfully
HKLM\Software\Classes\CLSID\{8e53c2e0-18b1-11e6-827f-f4066995c7e2} => not found
HKU\S-1-5-21-118406243-1781282106-884721309-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c5c49785-50c1-11e6-8286-f4066995c7e2} => removed successfully
HKLM\Software\Classes\CLSID\{c5c49785-50c1-11e6-8286-f4066995c7e2} => not found
HKU\S-1-5-21-118406243-1781282106-884721309-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{df2f3ce1-2ee9-11e6-8280-f4066995c7e2} => removed successfully
HKLM\Software\Classes\CLSID\{df2f3ce1-2ee9-11e6-8280-f4066995c7e2} => not found
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
HKU\S-1-5-21-118406243-1781282106-884721309-1002\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\S-1-5-21-118406243-1781282106-884721309-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-118406243-1781282106-884721309-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{874A607E-B5C4-458D-93AA-20A552F0EB24} => removed successfully
HKLM\Software\Classes\CLSID\{874A607E-B5C4-458D-93AA-20A552F0EB24} => not found
HKLM\System\CurrentControlSet\Services\AVFSFilter => removed successfully
AVFSFilter => service removed successfully
C:\Users\Michal Trnka\Desktop\FRST-OlderVersion => moved successfully
C:\windows\SysWOW64\last.dump => moved successfully
C:\Users\Michal Trnka\AppData\Roaming\Seznam.cz => moved successfully
C:\ProgramData\Spybot - Search & Destroy => moved successfully
C:\Users\Michal Trnka\AppData\Roaming\pof.exact => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2217115B-C126-496C-81A0-66AD93BC269F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2217115B-C126-496C-81A0-66AD93BC269F}" => removed successfully
C:\windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGPCTuneUp_Task_BkGndMaintenance" => removed successfully
"C:\Program Files (x86)\Seznam.cz" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10956989 B
Java, Flash, Steam htmlcache => 442668486 B
Windows/system/drivers => 7338 B
Edge => 0 B
Chrome => 586997184 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 7032 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 5335303 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 0 B
UpdatusUser => 0 B
Michal Trnka => 119581664 B

RecycleBin => 11513704019 B
EmptyTemp: => 11.8 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:54:15 ====

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Pomoc s pc? prosím

#11 Příspěvek od Conder »

:arrow: Precistili sme viacmenej iba zbytocnosti a zbytky po odinstalovanych programoch.

:arrow: Nastala nejaka zmena alebo su este nejake problemy s PC?

:arrow: Plocha ma cca 3.5 GB. Presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.

:arrow: Su tam este aj nejake zbytky po McAfee a AVG, odporucam precistit cez McAfee odinstalator: http://download.mcafee.com/products/lic ... s/MCPR.exe
a cez AVG odinstalator: http://files-download.avg.com/util/tool ... emover.exe (navod)
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Vicitims
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 03 říj 2018 17:21

Re: Pomoc s pc? prosím

#12 Příspěvek od Vicitims »

Moc díky je to cejtit..jede to rychleji .. :worship: :worship: ste super díky :)

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Pomoc s pc? prosím

#13 Příspěvek od Conder »

:arrow: Tak este upraceme po pouzitych nastrojoch:
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Odpovědět