Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

preventivni kontrola

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
mikeav
Návštěvník
Návštěvník
Příspěvky: 100
Registrován: 04 říj 2008 19:23

preventivni kontrola

#1 Příspěvek od mikeav »

Dobrý den prosím o kontrolu, děkuji.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Michael at 2018-11-12 10:08:23
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 53 GB (19%) free of 286 GB
Total RAM: 3982 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:08:26, on 12.11.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19155)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files\trend micro\Michael.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE09DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HPUsageTracking] C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe "C:\Program Files (x86)\HP\HP UT\"
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Unknown owner - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (file missing)
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 14945 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\FBAgent.exe"
/QuitInfo:0000000000000438;000000000000043C; /AddRef;
C:\Windows\system32\WLANExt.exe 27923072
\??\C:\Windows\system32\conhost.exe "1279363410578511185-12459153181806183342847796050-1378482481450209437562598779
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
/QuitInfo:00000000000004E8;00000000000004EC; /AddRef;
/QuitInfo:00000000000004D0;00000000000004F4;
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
/loadhooks /Parent:0000000000000548
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
C:\Windows\SysWOW64\ACEngSvr.exe -Embedding
"C:\Windows\AsScrPro.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\System32\igfxtray.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\hkcmd.exe"
"taskhost.exe"
"C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
AvastUI.exe /nogui
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
taskeng.exe {671FB514-61D3-447C-8D88-E6E67B69C87E}
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe"
"C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 4472
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-1166993769-90836059-1241235105-109540868568619992014734408-7909015121710255629
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE" -Embedding
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe" -userServiceMode
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDGesture.exe"
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe"
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
taskeng.exe {1A7D2F86-27F7-4DAB-80D9-2FB1873A8BA3}

C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Michael\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller winlogon-impersonate

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-10-27 204880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-03-17 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-06-25 938712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2018-09-27 199648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2018-10-27 1067096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-03-17 210856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-10-16 150824]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-06-25 812248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2018-09-27 167480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2018-10-27 717592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-12-20 11406608]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-07-25 2403104]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-07-25 1283136]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-10-10 171040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-10-10 399392]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-10-10 441888]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-06-25 242904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACMON]
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-02-07 102568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13 1190424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2012-08-06 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSPRP]
C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2012-02-24 3331312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage]
C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2010-08-20 107816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDCtrl]
C:\Program Files\Elantech\ETDCtrl.exe [2012-02-19 2661672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-08-01 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-02-21 12452456]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-02-07 291608]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-12-23 318080]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2011-10-25 174720]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2011-10-19 2319536]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-07-31 43816]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-08-01 152392]
""= []
"HPUsageTracking"=C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [2009-05-11 24576]

C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Poslat do aplikace OneNote.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll,C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-10-10 441856]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"vidc.ffds"=ff_vfw.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2018-10-30 13:11:08 ----D---- C:\Users\Michael\AppData\Roaming\Tracker Software

======List of files/folders modified in the last 1 month======

2018-11-12 10:08:26 ----D---- C:\Windows\Prefetch
2018-11-12 10:08:25 ----D---- C:\Windows\system32\drivers\etc
2018-11-12 10:08:25 ----D---- C:\Program Files\trend micro
2018-11-12 10:02:13 ----D---- C:\Windows\temp
2018-11-12 09:53:59 ----D---- C:\Windows\system32\config
2018-11-12 09:43:48 ----SHD---- C:\Windows\Installer
2018-11-12 09:32:10 ----A---- C:\Windows\SYSWOW64\log.txt
2018-11-10 15:48:01 ----D---- C:\Program Files (x86)\Steam
2018-11-10 15:35:25 ----SHD---- C:\Config.Msi
2018-11-10 15:35:24 ----RD---- C:\Program Files (x86)
2018-11-10 15:34:48 ----SHD---- C:\System Volume Information
2018-11-10 13:33:05 ----D---- C:\ProgramData\Package Cache
2018-11-10 13:31:39 ----D---- C:\ProgramData
2018-11-10 13:31:39 ----D---- C:\Program Files
2018-11-10 13:31:17 ----D---- C:\Windows\System32
2018-11-09 09:25:38 ----D---- C:\Windows\inf
2018-11-09 09:25:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-10-31 19:00:30 ----D---- C:\Windows\system32\NDF
2018-10-27 13:01:30 ----D---- C:\Windows\Microsoft.NET
2018-10-27 11:02:40 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-10-27 10:51:48 ----D---- C:\Program Files (x86)\Microsoft Office
2018-10-25 08:21:34 ----D---- C:\Windows\SysWOW64
2018-10-13 22:15:43 ----D---- C:\Windows\rescache
2018-10-13 21:36:42 ----RSD---- C:\Windows\assembly

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2018-06-25 201328]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2018-06-25 346664]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2018-06-25 59592]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-06-25 85968]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-06-25 381584]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-12-23 568600]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-02-07 16152]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2015-04-09 31376]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-06-25 197160]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2018-06-25 229392]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-06-25 239680]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-06-25 111872]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-06-25 1027728]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-08-24 465640]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-06-25 159640]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-06-25 211160]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2015-02-08 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2015-02-08 43680]
R3 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2012-01-30 17152]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-01-09 195584]
R3 AsusVBus;AsusVBus; C:\Windows\system32\DRIVERS\AsusVBus.sys [2012-04-11 35968]
R3 AsusVTouch;AsusVTouch; C:\Windows\system32\DRIVERS\AsusVTouch.sys [2012-04-11 16512]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-02-19 200488]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-10-10 5343584]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-03-06 4763112]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-08-21 463112]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-02-07 356120]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-02-07 787736]
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys [2011-12-21 25496]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-08-06 62784]
R3 mfesapsn;McAfee Process Start Notification Service; \??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2017-02-14 111608]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2012-01-09 11416576]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-07-25 20256]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RSBASTOR;Realtek PCIE CardReader Driver - BA; C:\Windows\system32\DRIVERS\RtsBaStor.sys [2011-12-28 292456]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys []
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2012-01-09 195584]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-06-25 46976]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2012-02-24 80384]
S3 btmaudio;Intel Bluetooth Audio Service; C:\Windows\system32\drivers\btmaud.sys [2011-12-13 51712]
S3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2011-12-13 94720]
S3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2011-12-13 747008]
S3 CLMirrorDriver;CLMirrorDriver; C:\Windows\system32\DRIVERS\CLMirrorDriver.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2018-07-09 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2018-07-09 47672]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2011-05-14 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 ibtfltcoex;ibtfltcoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2011-12-14 60416]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2011-12-21 34200]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-08-13 83984]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-03-04 379520]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 659968]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2011-11-21 80512]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-06-25 322464]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-12-20 1014096]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-12-20 1104208]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-12 135952]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2018-10-24 9667872]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-12-08 618256]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-21 128280]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-21 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-29 277784]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2018-09-27 604824]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-07-25 1720608]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-07-25 18956064]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-04-08 936264]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-12-08 148752]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2010-08-19 386344]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-29 363800]
R3 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336]
R3 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-04-13 277120]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-06-25 7780400]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-12-20 1304912]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-08-01 641352]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-06 164984]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-09 335872]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-06 164984]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe []
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-10-10 277024]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-14 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-09-18 116224]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-10-24 214824]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-03-18 5132888]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2018-11-08 1684256]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]

-----------------EOF-----------------
Obrázek

altrok
Moderátor
Moderátor
Příspěvky: 7257
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: preventivni kontrola

#2 Příspěvek od altrok »

Krasny den Vam preju :bye:


:arrow: Pozorujete na PC nejake konkretni problemy, ci jde pouze o preventivku?


:arrow: V ramci cisteni Vam budou vyprazdneny docasne adresare (vysypani Kose a tempu, vyprazdneni cache prohlizecu apod.).


:arrow: Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
  • ukoncete vsechny programy
  • odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
  • kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
  • kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
  • po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

mikeav
Návštěvník
Návštěvník
Příspěvky: 100
Registrován: 04 říj 2008 19:23

Re: preventivni kontrola

#3 Příspěvek od mikeav »

jedná se pouze o preventivní kontrolu.

zde je log:

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-11-05.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-13-2018
# Duration: 00:00:09
# OS: Windows 7 Home Premium
# Cleaned: 5
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\extensions

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKU\S-1-5-18\SOFTWARE\FB91202E116F3D389A3333549BB4B01B
Deleted HKU\.DEFAULT\SOFTWARE\FB91202E116F3D389A3333549BB4B01B
Deleted HKCU\Software\csastats
Deleted HKLM\Software\Wow6432Node\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1567 octets] - [13/11/2018 10:10:27]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Obrázek

altrok
Moderátor
Moderátor
Příspěvky: 7257
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: preventivni kontrola

#4 Příspěvek od altrok »

:arrow:
  • Ulozte nejlepe na plochu FRST.exe/FRST64.exe - https://www.bleepingcomputer.com/downlo ... scan-tool/
  • kliknete pravym mysitkem na stazeny FRST a vyberte Spustit jako spravce
  • zkontrolujte, ze je zatrzena polozka Addition.txt v pravem dolnim rohu
  • kliknete na Scan
  • do pristich odpovedi (pravdepodobne se nevlezou do jedne) vlozte obsah vygenerovanych logu FRST.txt i Addition.txt
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

mikeav
Návštěvník
Návštěvník
Příspěvky: 100
Registrován: 04 říj 2008 19:23

Re: preventivni kontrola

#5 Příspěvek od mikeav »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11.11.2018
Ran by Michael (administrator) on MICHAEL-PC (14-11-2018 10:10:48)
Running from C:\Users\Michael\Desktop
Loaded Profiles: Michael (Available Profiles: Michael)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Software 2000 Limited) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(ASUS) C:\Windows\AsScrPro.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\Updates\16.0.11029.20045\OfficeClickToRun.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-06-25] (AVAST Software)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-07] (Intel Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [318080 2011-12-23] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-25] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2319536 2011-10-19] (ASUS)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPUsageTracking] => C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe "C:\Program Files (x86)\HP\HP UT\"
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [175880 2015-04-09] (NVIDIA Corporation)
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175880 2015-04-09] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [154256 2015-04-09] (NVIDIA Corporation)
Startup: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2018-02-12]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{4C9D3951-AD3F-4377-B32D-9BA814965A67}: [DhcpNameServer] 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1595427855-677584234-4232521315-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&r ... d=ie7&rlz=
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-10-27] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-03-17] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-06-25] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-09-27] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2018-10-27] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-03-17] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-10-16] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-06-25] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-09-27] (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2018-10-27] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-25] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-25] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-25] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-25] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-09-27] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-09-27] (McAfee, Inc.)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-10-18]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-10-09] ()
FF Plugin: @cuminas.jp/DjVuPlugin -> C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2014-09-04] (Cuminas Corporation)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-03-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-03-17] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @cuminas.jp/DjVuPlugin -> C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2014-09-04] (Cuminas Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-08-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-08-17] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [2012-10-23] (Nexon)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2016-09-23] ()
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-1595427855-677584234-4232521315-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-1595427855-677584234-4232521315-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-1595427855-677584234-4232521315-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default [2018-11-14]
CHR Extension: (Disk Google) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-03]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-10-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (AdBlock) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-10-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-01]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-06-25] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-06] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-06-25] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-06] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9667872 2018-10-24] (Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604824 2018-09-27] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-01-30] (ASUSTek Computer Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2012-04-11] (Windows (R) Win 7 DDK provider)
R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2012-04-11] (Windows (R) Win 7 DDK provider)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [197160 2018-06-25] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229392 2018-06-25] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201328 2018-06-25] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-06-25] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59592 2018-06-25] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239680 2018-06-25] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2018-06-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [159640 2018-06-25] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111872 2018-06-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85968 2018-06-25] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027728 2018-06-25] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [465640 2018-08-24] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [211160 2018-06-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381584 2018-06-25] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2015-02-08] ()
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2018-07-09] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2018-07-09] (Disc Soft Ltd)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2015-02-08] ()
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 CLMirrorDriver; system32\DRIVERS\CLMirrorDriver.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-14 10:05 - 2018-11-14 10:10 - 000052913 _____ C:\Users\Michael\Desktop\Addition.txt
2018-11-14 10:05 - 2018-11-14 10:05 - 005723272 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2018-11-14 09:53 - 2018-11-14 10:12 - 000027383 _____ C:\Users\Michael\Desktop\FRST.txt
2018-11-14 09:47 - 2018-11-14 09:47 - 002415616 _____ (Farbar) C:\Users\Michael\Desktop\FRST64.exe
2018-11-13 10:09 - 2018-11-13 10:09 - 007592144 _____ (Malwarebytes) C:\Users\Michael\Desktop\AdwCleaner.exe
2018-11-10 15:37 - 2018-11-10 15:37 - 000000802 _____ C:\Users\Michael\Desktop\CCleaner.lnk
2018-10-30 13:11 - 2018-10-30 13:11 - 000000000 ____D C:\Users\Michael\AppData\Roaming\Tracker Software
2018-10-27 10:55 - 2018-10-27 10:55 - 000002484 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-10-27 10:55 - 2018-10-27 10:55 - 000002478 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-10-27 10:55 - 2018-10-27 10:55 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-10-27 10:55 - 2018-10-27 10:55 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-10-27 10:55 - 2018-10-27 10:55 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2018-10-27 10:55 - 2018-10-27 10:55 - 000002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-10-27 10:55 - 2018-10-27 10:55 - 000002376 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-10-27 10:55 - 2018-10-27 10:55 - 000002372 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-10-27 10:55 - 2018-10-27 10:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2018-10-27 10:55 - 2018-10-27 10:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2018-10-25 11:20 - 2018-10-25 11:20 - 000120747 _____ C:\Users\Michael\Desktop\No_Place_Like_Home_The_Late-Modern_World.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-14 10:10 - 2015-02-21 19:55 - 000000000 ____D C:\FRST
2018-11-14 10:06 - 2012-10-16 19:22 - 000842376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-11-14 10:06 - 2012-10-16 19:22 - 000175240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-14 10:06 - 2012-10-16 19:22 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-11-14 10:06 - 2012-10-16 19:22 - 000000000 ____D C:\Windows\system32\Macromed
2018-11-14 10:05 - 2012-02-24 12:54 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-11-14 09:40 - 2018-03-28 18:43 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-11-14 09:33 - 2018-06-16 20:41 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-11-14 09:29 - 2009-07-14 05:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-14 09:29 - 2009-07-14 05:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-14 09:18 - 2012-10-16 14:50 - 000000380 _____ C:\Users\Michael\AppData\Roaming\sp_data.sys
2018-11-13 16:54 - 2016-11-12 19:36 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-11-13 10:14 - 2012-08-06 22:40 - 000000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2018-11-13 10:13 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-13 10:10 - 2015-12-17 12:53 - 000000000 ____D C:\AdwCleaner
2018-11-12 19:29 - 2013-07-17 11:49 - 000000000 ____D C:\Program Files (x86)\Steam
2018-11-12 10:08 - 2012-11-24 13:15 - 000000000 ____D C:\Program Files\trend micro
2018-11-10 15:44 - 2013-07-17 11:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2018-11-10 15:41 - 2012-10-16 17:56 - 000000000 ____D C:\Users\Michael\AppData\Local\Adobe
2018-11-10 15:37 - 2014-10-19 12:10 - 000000000 ____D C:\Users\Michael\Desktop\KFS
2018-11-10 13:51 - 2015-03-13 14:45 - 000000000 ____D C:\Users\Michael\Desktop\Wallpapers
2018-11-10 13:50 - 2017-04-21 12:00 - 000000000 ____D C:\Users\Michael\Desktop\statnice
2018-11-10 13:50 - 2017-01-03 15:02 - 000000000 ____D C:\Users\Michael\Desktop\cs film
2018-11-10 13:46 - 2018-02-13 20:02 - 000000000 ____D C:\Users\Michael\Desktop\tataracek
2018-11-10 13:33 - 2013-09-19 19:49 - 000000000 ____D C:\ProgramData\Package Cache
2018-11-10 13:14 - 2012-11-28 17:49 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-09 09:25 - 2011-02-19 06:36 - 000699060 _____ C:\Windows\system32\perfh005.dat
2018-11-09 09:25 - 2011-02-19 06:36 - 000155144 _____ C:\Windows\system32\perfc005.dat
2018-11-09 09:25 - 2009-07-14 06:13 - 001663422 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-09 09:25 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-10-31 19:00 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2018-10-28 15:37 - 2016-09-16 12:11 - 000000000 ____D C:\Users\Michael\Desktop\giallo
2018-10-27 11:22 - 2018-04-06 15:15 - 000002431 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-10-27 11:02 - 2016-03-29 12:41 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-27 10:51 - 2012-02-24 12:30 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-10-27 10:48 - 2018-03-04 23:07 - 006178118 _____ C:\Users\Michael\Desktop\Artistic Imagery in Dario Argento’s Cinema.PDF
2018-10-15 20:49 - 2012-10-16 17:56 - 000000000 ____D C:\Users\Michael\AppData\LocalLow\Adobe

==================== Files in the root of some directories =======

2015-05-15 09:47 - 2015-05-15 09:47 - 006420480 _____ () C:\Program Files (x86)\GUT9A6B.tmp
2016-12-28 00:02 - 2016-12-29 20:57 - 000099384 _____ () C:\Users\Michael\AppData\Roaming\inst.exe
2016-12-28 00:02 - 2016-12-29 20:57 - 000007859 _____ () C:\Users\Michael\AppData\Roaming\pcouffin.cat
2016-12-28 00:02 - 2016-12-29 20:57 - 000001167 _____ () C:\Users\Michael\AppData\Roaming\pcouffin.inf
2016-12-28 00:02 - 2016-12-29 20:57 - 000000055 _____ () C:\Users\Michael\AppData\Roaming\pcouffin.log
2016-12-28 00:02 - 2016-12-29 20:57 - 000082816 _____ (VSO Software) C:\Users\Michael\AppData\Roaming\pcouffin.sys
2012-10-16 14:50 - 2018-11-14 09:18 - 000000380 _____ () C:\Users\Michael\AppData\Roaming\sp_data.sys
2012-11-27 17:22 - 2013-03-08 17:50 - 000007680 _____ () C:\Users\Michael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-11-09 20:58 - 2012-11-09 20:58 - 000007608 _____ () C:\Users\Michael\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-04 18:16

==================== End of FRST.txt ============================
Obrázek

mikeav
Návštěvník
Návštěvník
Příspěvky: 100
Registrován: 04 říj 2008 19:23

Re: preventivni kontrola

#6 Příspěvek od mikeav »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11.11.2018
Ran by Michael (14-11-2018 10:12:46)
Running from C:\Users\Michael\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-10-16 13:49:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1595427855-677584234-4232521315-500 - Administrator - Disabled)
Guest (S-1-5-21-1595427855-677584234-4232521315-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1595427855-677584234-4232521315-1109 - Limited - Enabled)
Michael (S-1-5-21-1595427855-677584234-4232521315-1002 - Administrator - Enabled) => C:\Users\Michael

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (HKLM-x32\...\{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (HKLM-x32\...\{2720009D-9566-45A7-A370-0E6DAC313F3F}) (Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis (HKLM-x32\...\{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}) (Version: 15.4.5722.2 - Microsoft Corporation)
„Windows Live Messenger“ (HKLM-x32\...\{122800FE-3AAF-4974-9FBD-54B023FA756A}) (Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (HKLM-x32\...\{C877E454-FA36-409A-A00E-1240CEC61BBD}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.1.28086 - BitTorrent Inc.)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
Adobe Flash Player 31 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 31.0.0.148 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Aktualizace NVIDIA 15.3.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 15.3.33 - NVIDIA Corporation) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.23 - ASUS)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0013 - ASUS)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.2 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.29 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.2.1 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0040 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.8 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.25 - ASUS)
ASUS Virtual Touch (HKLM-x32\...\{938CFBD4-0652-49E5-BB8B-153948865941}) (Version: 1.0.11 - ASUS)
ASUS_Scr_K_multiColor_noSound (HKLM-x32\...\ASUS_Scr_K_multiColor_noSound) (Version: 1.0.0003 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0015 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 69.1.867.100 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6499 - CDBurnerXP)
CDSM Designer (HKLM-x32\...\CDSM_CDSM Designer) (Version: - )
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
CR2 Converter (HKLM-x32\...\{775F32A5-7BA0-4717-89D0-32B3EC25B2C9}_is1) (Version: - cr2converter.com)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.2504 - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.2504 - CyberLink Corp.)
CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.2318 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Document Express DjVu Plug-in (HKLM\...\{334168D6-735C-4681-87E8-BAF6C15A04F9}) (Version: 6.1.34387 - Cuminas Corporation)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
ETDWare PS/2-X64 10.5.9.0 (HKLM\...\Elantech) (Version: 10.5.9.0 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game Park Console (HKLM-x32\...\Game Park Console) (Version: 1.2.4.431 - Oberon Media Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Heroes of Might and Magic® IV (HKLM-x32\...\{192E2132-E977-4D3E-90BA-9DBCE1B57F8C}) (Version: 1.00.0000 - 3DO) Hidden
Heroes of Might and Magic® IV (HKLM-x32\...\InstallShield_{192E2132-E977-4D3E-90BA-9DBCE1B57F8C}) (Version: 1.00.0000 - 3DO)
HP LaserJet P1000 series (HKLM-x32\...\HP LaserJet P1000 series) (Version: - )
hppMSRedist (HKLM-x32\...\{58ECE031-9AAD-4011-B34A-BC78E77527E2}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
hppusgP1000 (HKLM-x32\...\{F1AC923B-2A52-4C5D-8011-5FC83CD58CF4}) (Version: 1.1.0.1 - Hewlett-Packard) Hidden
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.3.1 - ASUS)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0083 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{93F34C5C-ACAA-48F3-9B26-70359A117F12}) (Version: 3.0.12.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0708 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrola Windows Live Mesh ActiveX za daljinske veze (HKLM-x32\...\{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}) (Version: 15.4.5722.2 - Microsoft Corporation)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.7.213 - McAfee, Inc.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.11001.20074 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1595427855-677584234-4232521315-1002\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MrvlUsgTracking (HKLM-x32\...\{A82D052A-0806-42DF-80CD-1730A1AC0ED3}) (Version: 1.0.7 - Marvell)
MrvlUsgTracking64 (HKLM\...\{42F0FD29-7EB3-4CAA-AF10-BC2619B96D80}) (Version: 1.0.1 - Marvell Semiconductor Pvt Ltd)
myBitCast 1.0.0.3 (HKLM\...\myBitCast) (Version: 1.0.0.3 - ASUS Cloud Corporation)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
Nexon Game Manager (HKLM-x32\...\{289AC7E0-0AEE-4a7b-913C-709D9803D23E}) (Version: - )
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{C560D6E7-E40A-435D-8B71-62CBCF1701B2}) (Version: 4.11.9775 - Apache Software Foundation)
Ovládací panel NVIDIA 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 350.12 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PhotoFiltre 7 (HKU\S-1-5-21-1595427855-677584234-4232521315-1002\...\PhotoFiltre 7) (Version: - )
PhotoFiltre Studio X (HKU\S-1-5-21-1595427855-677584234-4232521315-1002\...\PhotoFiltre Studio X) (Version: - )
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6586 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.27012 - Realtek Semiconductor Corp.)
Ruská - rozložení jako latinka (0.9.1) (HKLM\...\{6109059C-2784-4546-A353-7100A6882DF4}) (Version: 1.0.3.40 - Đonny)
Settlers IV (HKLM-x32\...\{80EC6E5A-F710-4BE2-937E-6DA5DC03BFE8}) (Version: 1.00.000 - )
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
SmartSound Quicktracks 5 (HKLM-x32\...\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.7 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.7 - SmartSound Software Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.4.0.59 - KMP Media co., Ltd)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Web Components (HKLM-x32\...\{03B13AF8-9625-478A-AF0E-205337B9415A}_is1) (Version: 3.0.6.8 - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX kontrola za daljinske veze (HKLM-x32\...\{8985AE5E-622A-4980-8BF8-0A1830643220}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem (HKLM-x32\...\{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-i juhtelement kaugühendustele (HKLM-x32\...\{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Phone app for desktop (HKLM-x32\...\{CE9BDD0F-BAF3-474D-B6D8-15B84BDAB229}) (Version: 1.1.2726.0 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.0 - ASUS)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.25 - ASUS)
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1595427855-677584234-4232521315-1002_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileCoAuthLib64.dll ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-25] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-25] (AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2011-04-19] (Igor Pavlov)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-25] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-02-17] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-02-17] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-25] (AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2011-04-19] (Igor Pavlov)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-02-17] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-02-17] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-10-10] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-04-08] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-25] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-02-17] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-02-17] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01B829EB-06A6-4A1B-AA1D-22B0D13F0B5D} - System32\Tasks\{1A2B106C-6123-4C9A-8EA1-1F2FDA15EE92} => D:\DmC - Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
Task: {094DDE66-0A5C-46F2-A3BC-591438C6BB5A} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-01-30] (ASUSTek Computer Inc.)
Task: {0D1B81D9-FE5F-4EA0-A7F4-00591FB0F59C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {1436E76F-7DFD-421C-A5F2-24E13CFC9B1F} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2011-10-03] (ASUS)
Task: {149440FD-F9AF-4C56-921D-345E87C67A7A} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {20B92F60-858A-443C-BA4E-3DEF5423BAB1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-10-24] (Microsoft Corporation)
Task: {211B07B0-527B-4165-BB53-14A7D9571B76} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_pepper.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {2E37A91E-7635-4704-B03D-F15A19465BF1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd)
Task: {32A61173-AF15-4B2C-B056-CBA3C6084F72} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {3405D2DB-F4D8-454A-A593-C015D708E472} - System32\Tasks\{B0C8E90D-7C11-43A7-92C1-46940C34E432} => C:\Windows\system32\pcalua.exe -a C:\Users\Michael\Desktop\sp56574.exe -d C:\Users\Michael\Desktop
Task: {3B34322E-34CF-472C-A1D6-12E179CADC64} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-10-27] (Microsoft Corporation)
Task: {3E8CA676-BC71-4A5D-A1D0-0BF6F91BD4A7} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-23] (AVAST Software)
Task: {4AC23C2B-E188-46FE-BE5C-BE9FD1339C4C} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-06] (AVAST Software)
Task: {5845EDE2-9A5A-4F96-81A5-F981D56C4BDC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-10-28] (AVAST Software)
Task: {5865C5C2-EA81-4EB8-B6FB-5918EC82BD3E} - System32\Tasks\{45F8D70E-E42B-45DB-BF95-3F527F81D66E} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-10-06] (Skype Technologies S.A.)
Task: {5E8234FA-76AA-4027-9BB1-11CFAB989903} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-10-27] (Microsoft Corporation)
Task: {62597329-43F1-4C49-8BE1-D8A2A1DA96FE} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2012-09-27] ()
Task: {64CFF148-96E9-4D01-A036-31F7B667E68E} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {6C6E9F0B-23FA-4A0E-95D8-06E594B7FD6F} - System32\Tasks\{2129728C-A2ED-4D27-9054-5804FFE8AD12} => "C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://www.skype.com/go/downloading?source=lig ... rror=12007
Task: {6CDE7E51-777E-4680-B302-AD313DC78329} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-27] (Microsoft Corporation)
Task: {6E091426-A135-4BB6-A4F7-DEDC6B166DA5} - System32\Tasks\{F43BEE90-0B04-481C-A4AE-B14E4A64C978} => C:\Windows\system32\pcalua.exe -a "D:\Program Files (x86)\Death to Spies Moment of Truth\TruthSetup.exe" -d "D:\Program Files (x86)\Death to Spies Moment of Truth"
Task: {6F057450-5BD1-4BE4-BDE0-C32CEFC90734} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-10-24] (Microsoft Corporation)
Task: {86AB8765-5A97-4139-8709-55952B677924} - System32\Tasks\ASUS Quick Gesture (x64) => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe [2012-04-11] (ASUSTeK Computer Inc.)
Task: {876B1ADC-656D-4C69-9C5C-FBA27B88CF94} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-14] (Adobe Systems Incorporated)
Task: {9AD1FCA3-5AC5-4699-8195-8567BFC20D75} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-10] (Piriform Ltd)
Task: {9BA330D2-9313-4F70-8654-2D84AA6976F1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-10-27] (Microsoft Corporation)
Task: {9FE79E2C-EC59-4C66-8434-53A39C06350D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-10-27] (Microsoft Corporation)
Task: {A0353DBF-82BC-4E71-99D9-CC58D03F67A6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A99E1AB1-CBB6-4265-8567-6D278EF989E0} - System32\Tasks\{CBB6172D-E7DD-4959-9484-784F4AC6AD2C} => C:\Windows\system32\pcalua.exe -a C:\Users\Michael\Desktop\STALKER\stk-ww-10005.exe -d C:\Users\Michael\Desktop\STALKER
Task: {ADE1B425-BFDE-4CD2-8D42-9A45D2933269} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-27] (Microsoft Corporation)
Task: {B3694DBF-E5D3-47CB-9065-82B98E539DCF} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-12-23] (ASUSTek Computer Inc.)
Task: {C2B60F63-B93A-4446-95F4-324D1CA7C2AA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-10-27] (Microsoft Corporation)
Task: {C701582F-43DA-4388-9140-13112F4D02A5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {CD61EF0D-3806-4661-A7A9-39826F4159E7} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {EF0DD159-7473-4EEE-8A7B-61900F485D19} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {F0E4FEE4-42E0-4AF1-A410-C7F2C57148C9} - System32\Tasks\ASUS Quick Gesture => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe [2012-04-11] (ASUSTeK Computer Inc.)
Task: {F3BCC21E-7997-4F84-88DD-DFC5E063D1FB} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-06] (AVAST Software)
Task: {F99F6923-1DD2-45C1-942D-FAE6707F1BA9} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-02-16] (ASUS)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2012-08-06 22:43 - 2015-04-08 22:30 - 000116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-08-06 22:39 - 2012-02-21 20:29 - 000128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2016-12-03 18:12 - 2010-08-19 17:43 - 000386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2010-07-15 00:11 - 2010-07-15 00:11 - 000031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2018-06-25 11:40 - 2018-06-25 11:40 - 000599768 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2018-06-25 11:40 - 2018-06-25 11:40 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-06-25 11:40 - 2018-06-25 11:40 - 000928984 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-06-25 11:40 - 2018-06-25 11:40 - 000532696 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-06-25 11:40 - 2018-06-25 11:40 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-06-25 11:40 - 2018-06-25 11:40 - 000985304 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-11-14 09:18 - 2018-11-14 09:18 - 005702288 _____ () C:\Program Files\AVAST Software\Avast\defs\18111400\algo.dll
2013-12-10 08:13 - 2015-04-09 01:58 - 000012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2012-02-07 03:32 - 2012-02-07 03:32 - 000009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2007-07-12 19:11 - 2007-07-12 19:11 - 001163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 000073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 001044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2018-03-01 18:21 - 2018-03-01 18:21 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-06-25 11:40 - 2018-06-25 11:40 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2010-08-20 17:57 - 2010-08-20 17:57 - 000619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-20 17:57 - 2010-08-20 17:57 - 000013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2012-08-06 22:39 - 2012-02-21 20:09 - 001198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:5D458568 [118]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2018-11-13 10:50 - 000000061 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1595427855-677584234-4232521315-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: ASUSPRP => "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: ETDCtrl => %ProgramFiles%\Elantech\ETDCtrl.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C6F13DB9-29D2-4E71-B0AE-0D211851C27B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{EB7131FA-FBFC-4161-8FF3-8F8EF9F889CD}] => (Allow) LPort=2869
FirewallRules: [{329737D5-FC7C-4D3D-B4B4-14F46DE1A158}] => (Allow) LPort=1900
FirewallRules: [{97A01EA2-F65D-4D33-BF50-6720A2B36627}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{FBDAC69B-FD23-4E99-A655-6C8228E497F6}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{DA18E23E-131C-415A-845E-A3C5A0471CAF}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{3F7AEA12-1747-494A-B6A2-613DC90D069A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D5B15ABC-3670-4237-83DA-3A1708E43AE3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{076FE504-43E7-4897-AA26-154C021D7A6A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ACE21829-AF0A-4573-BD16-AA09C9E7F417}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F8EC400E-AAFC-4E95-88F5-C3E840339E2C}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{3339FF44-A89E-4C36-9F02-0A9B8C3F0377}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{929B6176-1F55-4224-928D-5BA08D7A39FC}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{510CE67A-FA89-42DD-87D7-F7749CC1B74F}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{62877471-58AD-42D3-BB33-454F66A9BD6E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{7FBEA1CA-46FB-4E8C-808E-9D811310DBBA}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{5D905EAA-61E5-431A-8BB4-C5683145EE43}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{721578E1-3A18-4180-A995-13119378D796}D:\heroes iv\heroes4c.exe] => (Allow) D:\heroes iv\heroes4c.exe
FirewallRules: [UDP Query User{0561BB81-208A-49B8-9540-423D4449F700}D:\heroes iv\heroes4c.exe] => (Allow) D:\heroes iv\heroes4c.exe
FirewallRules: [TCP Query User{1EF23B33-530C-4AC2-8893-85E1B9C754BA}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe
FirewallRules: [UDP Query User{79520C1E-70FF-43AC-9798-CD68BD74E2E4}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe
FirewallRules: [{D6604ECE-7DF9-4E10-B75C-B11236FF1042}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B4381406-64F4-4167-85C2-3D8171193770}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{2E883802-ABAF-4D09-8C8C-117B7FDBC3A1}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{024ECD0C-5FD9-4669-838A-777247FF1D1E}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{6736ED92-FA7D-4AE4-AE35-D441B9005300}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{96205518-9BAC-4AAC-84E7-A8FED9982D86}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{799E73E3-4C6A-4754-995A-FB9C509C1E9A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{5336A082-AC14-402D-A324-BEE29AFFD0F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B137B3BA-4358-4410-A2C4-5A2C80F7E954}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7BB6E563-3E49-4613-9869-8D5FE6B8CA39}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{14B93D68-741D-4B9B-BE0D-2DED4F9885FB}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{93F408C5-1E65-4B63-A6A2-08B4CDC87A94}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
FirewallRules: [{EFBADA6A-FC96-46AE-B7A4-D1FDD4089AEC}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
FirewallRules: [{7C878A3A-E24C-42C2-99A6-8454C1B243BF}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{1234CF76-E27C-4848-B1DC-94721F5B5558}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{C47316A0-A4E6-4C01-AABA-DDDB74C18341}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{25189ACF-ACAB-4055-B8D3-A920ABE2E876}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{02B568A9-B031-480E-94C4-C6D1482C5C49}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{666E1376-A990-407F-954A-D76A9C8C85BA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{CE443447-833C-49B6-AACC-66A4806EE74C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{DA777D0F-EABB-464A-864F-540D0933336D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{707083DD-C41E-4205-A3E7-8CBF3B515918}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{0A084323-D7DE-480A-94CD-C25FA4ED7469}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{0B96DB10-5749-4D7A-BF6E-1FBAA2C91944}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{05A732AD-53BD-4C91-AF84-127B57AB55FB}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE
FirewallRules: [TCP Query User{E3F0D1BF-7C88-4B1C-B96B-8A5457F4FA86}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{1D92D37E-64F9-4F40-9F50-31C500FE99F8}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [{59D1F01C-8853-4703-A838-C1B74EE37359}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{1B3DC0D9-6AA5-4432-A0BA-662220DC7C88}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{C26BF3BB-0F94-4074-94FD-D16F6DF75BF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bastion\Bastion.exe
FirewallRules: [{7821AF52-EDA0-4B10-B5EA-1C29E9CE272C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bastion\Bastion.exe
FirewallRules: [{74AF2F41-1CFF-4DB1-BCD5-3461AF87BF6F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{1EF5EAA3-A960-4829-9B12-0BB0BD0CEB2C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{656917FC-2BA7-4A17-8914-75867FDC1149}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{AB6231A4-A9BD-4EEB-908E-4975EEBFF5AF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{8400458B-CD20-46B4-95F5-145D342C942E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{AB597DA6-242C-4233-A45C-A073374A9250}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{3B49DFF6-7370-4AE1-BFA9-07511D3F76EF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{48CEB0E6-052F-454A-9959-653CB656E8B9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{ABC015C9-C659-45BE-AA84-BC592F372103}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{66F2B792-540F-4106-84A3-1CF73F347465}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{81A204AF-E117-4C3D-BBA2-49E9DBAD3240}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

23-08-2018 12:59:09 Windows Update
31-08-2018 08:15:56 Naplánovaný kontrolní bod
10-09-2018 22:12:38 Naplánovaný kontrolní bod
14-09-2018 13:30:13 Windows Update
24-09-2018 18:09:19 Naplánovaný kontrolní bod
03-10-2018 15:21:47 Naplánovaný kontrolní bod
11-10-2018 10:02:38 Windows Update
12-10-2018 08:21:22 Windows Update
19-10-2018 16:03:35 Naplánovaný kontrolní bod
27-10-2018 14:16:41 Naplánovaný kontrolní bod
30-10-2018 13:04:04 PDF-XChange Editor
07-11-2018 22:52:56 Naplánovaný kontrolní bod
10-11-2018 13:30:12 PDF-XChange Editor
10-11-2018 15:34:13 Removed Wickr Me

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/14/2018 09:35:57 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/14/2018 09:27:57 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (11/14/2018 09:19:51 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (11/14/2018 09:18:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FBAgent.exe, verze: 1.0.10.0, časové razítko: 0x4d6f576c
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.24260, časové razítko: 0x5b9470be
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000bf302
ID chybujícího procesu: 0x64c
Čas spuštění chybující aplikace: 0x01d47b3111420553
Cesta k chybující aplikaci: C:\Windows\system32\FBAgent.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: e8952d8a-e7e5-11e8-94ad-685d43abd82a

Error: (11/14/2018 09:17:35 AM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: )
Description: Problém zabránil konsolidaci dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů do souborů a jejich odeslání společnosti Microsoft, (chyba 80004005).

Error: (11/13/2018 06:19:41 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (11/13/2018 05:19:37 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (11/13/2018 05:05:31 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.


System errors:
=============
Error: (11/14/2018 09:18:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AFBAgent byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/13/2018 10:14:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Apple Mobile Device neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (11/13/2018 10:14:50 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Apple Mobile Device bylo dosaženo časového limitu (30000 ms).

Error: (11/13/2018 10:13:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba VBoxAsw Support Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.

Error: (11/13/2018 10:12:04 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (11/13/2018 10:12:04 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (11/13/2018 10:12:04 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (11/13/2018 10:12:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Media Player Network Sharing neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.


Windows Defender:
===================================
Date: 2015-12-20 11:01:04.982
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{8F06D9C2-BB00-4280-8626-F70506C4A7FD}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2015-10-29 08:22:02.390
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{DD0D8AE6-5C60-4751-BF5D-2AF25FBDCF7B}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2013-09-19 05:38:21.795
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{FCE652D0-76DC-48F6-AE4F-AEBEEACA3D62}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2015-03-09 12:51:42.281
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070003
Popis chyby:Systém nemůže nalézt uvedenou cestu.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2015-03-09 12:51:42.281
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.

CodeIntegrity:
===================================

Date: 2012-11-24 23:53:58.650
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-11-24 23:53:58.588
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 52%
Total physical RAM: 3981.81 MB
Available physical RAM: 1902.31 MB
Total Virtual: 7961.77 MB
Available Virtual: 5834.88 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:279.13 GB) (Free:50.46 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:394.18 GB) (Free:81.71 GB) NTFS

\\?\Volume{2cbf14dd-4a28-48bc-8fe6-1e27af4f2e84}\ (Recovery) (Fixed) (Total:25 GB) (Free:7.63 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 473CAA27)

Partition: GPT.

==================== End of Addition.txt =====================
Obrázek

altrok
Moderátor
Moderátor
Příspěvky: 7257
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: preventivni kontrola

#7 Příspěvek od altrok »

:arrow: Doporučuju odinstalovat McAfee WebAdvisor. Pokud nepoužíváte Javu, buď ji aktualizujte (stáhněte aktuální z java.com) nebo ji odinstalujte.
Dále stiskněte Win+R (klávesa Win je mezi levým Alt a levým Ctrl), vepište "msconfig" bez uvozovek, přejděte na záložku "Po spuštění" a zakažte procesy, které nemusí startovat při startu systému - za sebe doporučuju zakázat alespoň vychytávky od ASUSu.




  • Znovu spustte FRST.exe/FRST64.exe
  • stisknete Ctrl + y (obe klavesy zaroven)
  • otevre se fixlist.txt, do nejz vlozte obsah bileho pole nize
  • stisknete Ctrl + s (ulozite zmeny), pote fixlist zavrete
  • kliknete na tlacitko Fix
  • po restartu bude vedle FRST vytvoren fixlog, jehoz obsah vlozte do pristi odpovedi

    Kód: Vybrat vše

    Start
    CreateRestorePoint:
    CloseProcesses:
    File: C:\Users\Michael\AppData\Roaming\inst.exe
    File: C:\windows\syswow64\dpnsvr.exe
    HKLM-x32\...\Run: [] => [X]
    FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
    FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
    FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
    FF Plugin HKU\S-1-5-21-1595427855-677584234-4232521315-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
    FF Plugin HKU\S-1-5-21-1595427855-677584234-4232521315-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
    FF Plugin HKU\S-1-5-21-1595427855-677584234-4232521315-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
    S3 CLMirrorDriver; system32\DRIVERS\CLMirrorDriver.sys [X]
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
    S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
    S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
    2018-11-12 10:08 - 2012-11-24 13:15 - 000000000 ____D C:\Program Files\trend micro
    2015-05-15 09:47 - 2015-05-15 09:47 - 006420480 _____ () C:\Program Files (x86)\GUT9A6B.tmp
    Task: {01B829EB-06A6-4A1B-AA1D-22B0D13F0B5D} - System32\Tasks\{1A2B106C-6123-4C9A-8EA1-1F2FDA15EE92} => D:\DmC - Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
    Task: {3405D2DB-F4D8-454A-A593-C015D708E472} - System32\Tasks\{B0C8E90D-7C11-43A7-92C1-46940C34E432} => C:\Windows\system32\pcalua.exe -a C:\Users\Michael\Desktop\sp56574.exe -d C:\Users\Michael\Desktop
    Task: {6C6E9F0B-23FA-4A0E-95D8-06E594B7FD6F} - System32\Tasks\{2129728C-A2ED-4D27-9054-5804FFE8AD12} => "C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://www.skype.com/go/downloading?sou ... rror=12007
    Task: {6E091426-A135-4BB6-A4F7-DEDC6B166DA5} - System32\Tasks\{F43BEE90-0B04-481C-A4AE-B14E4A64C978} => C:\Windows\system32\pcalua.exe -a "D:\Program Files (x86)\Death to Spies Moment of Truth\TruthSetup.exe" -d "D:\Program Files (x86)\Death to Spies Moment of Truth"
    Task: {A99E1AB1-CBB6-4265-8567-6D278EF989E0} - System32\Tasks\{CBB6172D-E7DD-4959-9484-784F4AC6AD2C} => C:\Windows\system32\pcalua.exe -a C:\Users\Michael\Desktop\STALKER\stk-ww-10005.exe -d C:\Users\Michael\Desktop\STALKER
    AlternateDataStreams: C:\ProgramData\Temp:5D458568 [118]
    CMD: dir "C:\PROGRA~1"
    CMD: dir "C:\PROGRA~2"
    CMD: dir "C:\PROGRA~3"
    CMD: dir "%localappdata%"
    CMD: dir "%appdata%"
    Hosts:
    EmptyTemp:
    End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

mikeav
Návštěvník
Návštěvník
Příspěvky: 100
Registrován: 04 říj 2008 19:23

Re: preventivni kontrola

#8 Příspěvek od mikeav »

Fix result of Farbar Recovery Scan Tool (x64) Version: 14.11.2018
Ran by Michael (14-11-2018 22:11:47) Run:1
Running from C:\Users\Michael\Desktop
Loaded Profiles: Michael (Available Profiles: Michael)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
File: C:\Users\Michael\AppData\Roaming\inst.exe
File: C:\windows\syswow64\dpnsvr.exe
HKLM-x32\...\Run: [] => [X]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-1595427855-677584234-4232521315-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-1595427855-677584234-4232521315-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-1595427855-677584234-4232521315-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
S3 CLMirrorDriver; system32\DRIVERS\CLMirrorDriver.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
2018-11-12 10:08 - 2012-11-24 13:15 - 000000000 ____D C:\Program Files\trend micro
2015-05-15 09:47 - 2015-05-15 09:47 - 006420480 _____ () C:\Program Files (x86)\GUT9A6B.tmp
Task: {01B829EB-06A6-4A1B-AA1D-22B0D13F0B5D} - System32\Tasks\{1A2B106C-6123-4C9A-8EA1-1F2FDA15EE92} => D:\DmC - Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
Task: {3405D2DB-F4D8-454A-A593-C015D708E472} - System32\Tasks\{B0C8E90D-7C11-43A7-92C1-46940C34E432} => C:\Windows\system32\pcalua.exe -a C:\Users\Michael\Desktop\sp56574.exe -d C:\Users\Michael\Desktop
Task: {6C6E9F0B-23FA-4A0E-95D8-06E594B7FD6F} - System32\Tasks\{2129728C-A2ED-4D27-9054-5804FFE8AD12} => "C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://www.skype.com/go/downloading?sou ... rror=12007
Task: {6E091426-A135-4BB6-A4F7-DEDC6B166DA5} - System32\Tasks\{F43BEE90-0B04-481C-A4AE-B14E4A64C978} => C:\Windows\system32\pcalua.exe -a "D:\Program Files (x86)\Death to Spies Moment of Truth\TruthSetup.exe" -d "D:\Program Files (x86)\Death to Spies Moment of Truth"
Task: {A99E1AB1-CBB6-4265-8567-6D278EF989E0} - System32\Tasks\{CBB6172D-E7DD-4959-9484-784F4AC6AD2C} => C:\Windows\system32\pcalua.exe -a C:\Users\Michael\Desktop\STALKER\stk-ww-10005.exe -d C:\Users\Michael\Desktop\STALKER
AlternateDataStreams: C:\ProgramData\Temp:5D458568 [118]
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.

========================= File: C:\Users\Michael\AppData\Roaming\inst.exe ========================

C:\Users\Michael\AppData\Roaming\inst.exe
File is digitally signed
MD5: 16E53BFC96CE14021C0E07EB1C198478
Creation and modification date: 2016-12-28 00:02 - 2016-12-29 20:57
Size: 000099384
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/124f371 ... 541191582/

====== End of File: ======


========================= File: C:\windows\syswow64\dpnsvr.exe ========================

C:\windows\syswow64\dpnsvr.exe
File not signed
MD5: 4DFB1D5CBCF69C909E9B9103EB822E06
Creation and modification date: 2009-07-14 01:05 - 2009-07-14 02:14
Size: 000033280
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: dpnsvr.exe
Original Name: dpnsvr.exe
Product: Microsoft® Windows® Operating System
Description: Microsoft DirectPlay8 Server
File Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Product Version: 6.1.7600.16385
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/file/b5cd23c ... 542164904/

====== End of File: ======

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com" => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKU\.DEFAULT\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf => removed successfully
"C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll" => not found
HKU\.DEFAULT\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf => removed successfully
"C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll" => not found
HKU\.DEFAULT\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf => removed successfully
"C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll" => not found
HKU\S-1-5-21-1595427855-677584234-4232521315-1002\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf => removed successfully
"C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll" => not found
HKU\S-1-5-21-1595427855-677584234-4232521315-1002\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf => removed successfully
"C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll" => not found
HKU\S-1-5-21-1595427855-677584234-4232521315-1002\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf => removed successfully
"C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll" => not found
HKLM\System\CurrentControlSet\Services\CLMirrorDriver => removed successfully
CLMirrorDriver => service removed successfully
HKLM\System\CurrentControlSet\Services\EagleX64 => removed successfully
EagleX64 => service removed successfully
HKLM\System\CurrentControlSet\Services\MBAMSwissArmy => removed successfully
MBAMSwissArmy => service removed successfully
HKLM\System\CurrentControlSet\Services\VBoxAswDrv => could not remove, key could be protected
C:\Program Files\trend micro => moved successfully
C:\Program Files (x86)\GUT9A6B.tmp => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01B829EB-06A6-4A1B-AA1D-22B0D13F0B5D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01B829EB-06A6-4A1B-AA1D-22B0D13F0B5D}" => removed successfully
C:\Windows\System32\Tasks\{1A2B106C-6123-4C9A-8EA1-1F2FDA15EE92} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1A2B106C-6123-4C9A-8EA1-1F2FDA15EE92}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3405D2DB-F4D8-454A-A593-C015D708E472}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3405D2DB-F4D8-454A-A593-C015D708E472}" => removed successfully
C:\Windows\System32\Tasks\{B0C8E90D-7C11-43A7-92C1-46940C34E432} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B0C8E90D-7C11-43A7-92C1-46940C34E432}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C6E9F0B-23FA-4A0E-95D8-06E594B7FD6F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C6E9F0B-23FA-4A0E-95D8-06E594B7FD6F}" => removed successfully
C:\Windows\System32\Tasks\{2129728C-A2ED-4D27-9054-5804FFE8AD12} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2129728C-A2ED-4D27-9054-5804FFE8AD12}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E091426-A135-4BB6-A4F7-DEDC6B166DA5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E091426-A135-4BB6-A4F7-DEDC6B166DA5}" => removed successfully
C:\Windows\System32\Tasks\{F43BEE90-0B04-481C-A4AE-B14E4A64C978} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F43BEE90-0B04-481C-A4AE-B14E4A64C978}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A99E1AB1-CBB6-4265-8567-6D278EF989E0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A99E1AB1-CBB6-4265-8567-6D278EF989E0}" => removed successfully
C:\Windows\System32\Tasks\{CBB6172D-E7DD-4959-9484-784F4AC6AD2C} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CBB6172D-E7DD-4959-9484-784F4AC6AD2C}" => removed successfully
C:\ProgramData\Temp => ":5D458568" ADS removed successfully

========= dir "C:\PROGRA~1" =========

Svazek v jednotce C je OS.
S‚riov‚ źˇslo svazku je 943E-AD2E.

Věpis adres ýe C:\PROGRA~1

14.11.2018 22:13 <DIR> .
14.11.2018 22:13 <DIR> ..
19.01.2015 18:37 <DIR> 7-Zip
06.08.2012 22:52 <DIR> ASUS
28.09.2014 18:38 <DIR> Avago-HP
03.02.2016 16:41 <DIR> AVAST Software
10.11.2012 05:08 <DIR> Bonjour
10.09.2018 19:57 <DIR> CCleaner
06.12.2017 14:58 <DIR> Common Files
02.02.2015 18:29 <DIR> Cuminas
03.12.2016 18:09 <DIR> CyberLink
15.03.2017 16:33 <DIR> DVD Maker
10.11.2012 05:09 <DIR> Elantech
21.02.2015 20:56 <DIR> Intel
14.11.2018 11:00 <DIR> Internet Explorer
10.08.2014 14:10 <DIR> iPod
10.08.2014 14:11 <DIR> iTunes
17.03.2014 17:13 <DIR> Java
14.07.2009 08:45 <DIR> Microsoft Games
29.03.2016 12:37 <DIR> Microsoft Office 15
19.06.2017 18:43 <DIR> Microsoft Silverlight
14.07.2009 06:32 <DIR> MSBuild
03.12.2016 16:59 <DIR> NewBlue
10.11.2016 19:45 <DIR> NVIDIA Corporation
06.08.2012 22:45 <DIR> Realtek
14.07.2009 06:32 <DIR> Reference Assemblies
13.07.2013 15:45 <DIR> Windows Defender
24.02.2012 12:44 <DIR> Windows Live
11.11.2012 17:14 <DIR> Windows Mail
11.10.2018 20:26 <DIR> Windows Media Player
14.07.2009 06:32 <DIR> Windows NT
11.11.2012 17:14 <DIR> Windows Photo Viewer
10.11.2012 05:17 <DIR> Windows Portable Devices
11.11.2012 17:14 <DIR> Windows Sidebar
10.11.2012 05:09 <DIR> WinRAR
Soubor…: 0, Bajt…: 0
Adres ý…: 35, Volněch bajt…: 55˙109˙095˙424

========= End of CMD: =========


========= dir "C:\PROGRA~2" =========

Svazek v jednotce C je OS.
S‚riov‚ źˇslo svazku je 943E-AD2E.

Věpis adres ýe C:\PROGRA~2

14.11.2018 22:13 <DIR> .
14.11.2018 22:13 <DIR> ..
12.11.2016 19:36 <DIR> Adobe
10.11.2012 05:06 <DIR> Apple Software Update
28.11.2012 17:07 <DIR> ASUS
06.04.2018 15:14 <DIR> AVAST Software
10.11.2012 05:06 <DIR> Bonjour
08.05.2017 11:30 <DIR> CDBurnerXP
06.08.2012 22:47 <DIR> Cisco
10.10.2018 19:44 <DIR> Common Files
25.03.2018 15:21 <DIR> CR2 Converter
02.02.2015 18:29 <DIR> Cuminas
28.02.2015 13:07 <DIR> CyberLink
08.05.2017 10:40 <DIR> DVD Shrink
21.02.2015 22:27 <DIR> FileHippo.com
11.12.2013 00:10 <DIR> Google
15.05.2015 09:47 <DIR> GUM9A6A.tmp
28.09.2014 18:43 <DIR> HP
21.02.2015 20:56 <DIR> Intel
06.08.2012 22:51 <DIR> Intel Corporation
13.03.2015 15:51 <DIR> Intel Driver Update Utility
14.11.2018 11:00 <DIR> Internet Explorer
10.08.2014 14:11 <DIR> iTunes
30.09.2018 13:10 <DIR> McAfee
22.09.2013 22:40 <DIR> Microsoft
18.10.2014 11:45 <DIR> Microsoft ASP.NET
14.11.2018 10:21 <DIR> Microsoft Office
29.03.2016 12:56 <DIR> Microsoft OneDrive
19.06.2017 18:43 <DIR> Microsoft Silverlight
24.02.2012 12:48 <DIR> Microsoft SQL Server Compact Edition
29.03.2016 12:54 <DIR> Microsoft.NET
14.07.2009 06:32 <DIR> MSBuild
03.12.2016 16:59 <DIR> NewBlue
03.12.2016 16:59 <DIR> NSIS Uninstall Information
28.04.2015 01:42 <DIR> NVIDIA Corporation
10.11.2014 20:42 <DIR> OpenOffice 4
01.12.2013 23:09 <DIR> OpenOffice.org 3
20.01.2017 19:30 <DIR> PhotoFiltre 7
20.01.2017 19:41 <DIR> PhotoFiltre Studio X
20.01.2017 19:31 <DIR> PhotoScape
06.08.2012 22:46 <DIR> Realtek
14.07.2009 06:32 <DIR> Reference Assemblies
05.09.2017 18:52 <DIR> Skype
17.10.2012 13:18 <DIR> SmartSound Software
29.10.2014 12:26 <DIR> SpeedFan
14.11.2018 21:05 <DIR> Steam
10.11.2012 05:08 <DIR> The KMPlayer
17.10.2012 14:47 <DIR> uTorrent
21.03.2017 15:03 <DIR> VideoLAN
09.03.2018 20:14 <DIR> Web Components
13.07.2013 15:45 <DIR> Windows Defender
24.02.2012 12:51 <DIR> Windows Live
11.11.2012 17:14 <DIR> Windows Mail
11.10.2018 20:26 <DIR> Windows Media Player
14.07.2009 06:32 <DIR> Windows NT
07.08.2014 13:58 <DIR> Windows Phone
11.11.2012 17:14 <DIR> Windows Photo Viewer
18.02.2011 21:09 <DIR> Windows Portable Devices
11.11.2012 17:14 <DIR> Windows Sidebar
Soubor…: 0, Bajt…: 0
Adres ý…: 59, Volněch bajt…: 55˙109˙120˙000

========= End of CMD: =========


========= dir "C:\PROGRA~3" =========

Svazek v jednotce C je OS.
S‚riov‚ źˇslo svazku je 943E-AD2E.

Věpis adres ýe C:\PROGRA~3

10.11.2018 13:31 <DIR> .
10.11.2018 13:31 <DIR> ..
12.11.2016 19:35 <DIR> Adobe
10.08.2014 14:06 <DIR> Apple
16.10.2012 17:28 <DIR> Apple Computer
07.08.2014 13:56 <DIR> Applications
16.10.2012 17:48 <DIR> Asus
24.02.2012 12:54 <DIR> ASUS WebStorage
08.04.2018 15:44 <DIR> AVAST Software
08.05.2017 11:30 <DIR> Canneverbe Limited
10.11.2012 05:09 <DIR> ChangeFolderView
03.12.2016 18:08 <DIR> CLSK
03.12.2016 17:01 <DIR> CyberLink
09.07.2018 16:48 <DIR> DAEMON Tools Lite
08.05.2017 10:57 <DIR> DVD Shrink
17.10.2012 13:18 <DIR> eSellerate
16.10.2012 14:50 <DIR> FolderView
30.09.2014 22:17 <DIR> Hewlett-Packard
02.03.2016 20:13 <DIR> HitmanPro
30.09.2014 22:17 <DIR> HP
03.12.2016 17:06 <DIR> install_backup
03.12.2016 17:00 <DIR> install_clap
20.06.2014 16:16 <DIR> Intel
21.02.2015 20:50 <DIR> IntelDLM
26.01.2017 12:56 <DIR> M-Photo
02.03.2016 18:55 <DIR> Malwarebytes
09.07.2018 16:49 <DIR> McAfee
29.03.2016 12:56 <DIR> Microsoft OneDrive
21.12.2013 19:50 <DIR> Nexon
23.10.2012 13:32 <DIR> NexonEU
10.11.2016 19:48 <DIR> NVIDIA
10.08.2014 13:53 <DIR> NVIDIA Corporation
09.03.2015 21:44 <DIR> P4G
10.11.2018 13:33 <DIR> Package Cache
14.11.2018 10:28 <DIR> regid.1991-06.com.microsoft
15.11.2017 13:25 <DIR> Skype
17.10.2012 13:18 <DIR> SmartSound Software Inc
19.06.2017 14:46 <DIR> Steam
03.12.2016 17:06 <DIR> SUPPORTDIR
03.12.2016 17:06 <DIR> Temp
06.08.2012 22:55 <DIR> USBChargerPlus
25.02.2017 14:17 <DIR> VSO
28.12.2016 00:52 <DIR> vsosdk
06.08.2012 22:57 109 {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
06.08.2012 22:56 105 {40BF1E83-20EB-11D8-97C5-0009C5020658}.log
06.08.2012 22:56 107 {C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Soubor…: 3, Bajt…: 321
Adres ý…: 43, Volněch bajt…: 55˙109˙115˙904

========= End of CMD: =========


========= dir "%localappdata%" =========

Svazek v jednotce C je OS.
S‚riov‚ źˇslo svazku je 943E-AD2E.

Věpis adres ýe C:\Users\Michael\AppData\Local

13.11.2018 10:15 <DIR> .
13.11.2018 10:15 <DIR> ..
20.06.2014 16:19 <DIR> 238010
16.10.2012 17:31 <DIR> 2DBoy
10.11.2018 15:41 <DIR> Adobe
16.10.2012 17:26 <DIR> Apple
16.10.2012 18:31 <DIR> Apple Computer
02.11.2014 12:24 <DIR> ASUS
25.06.2018 12:00 <DIR> AVAST Software
05.03.2015 17:49 <DIR> Axialis
28.08.2015 15:38 <DIR> CEF
03.01.2017 12:04 <DIR> Chromium
03.12.2016 17:00 <DIR> CyberLink
08.03.2013 17:50 7˙680 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
31.10.2018 18:59 <DIR> Diagnostics
09.07.2018 16:51 <DIR> Disc_Soft_Ltd
05.05.2013 15:31 <DIR> Downloaded Installations
06.08.2014 16:03 <DIR> dxhr
08.09.2013 11:41 <DIR> EA Games
26.11.2017 15:09 <DIR> ElevatedDiagnostics
29.03.2016 20:30 121˙272 GDIPFONTCACHEV1.DAT
05.11.2016 13:44 <DIR> Google
01.06.2015 14:51 <DIR> GWX
21.02.2015 19:53 <DIR> Intel
23.10.2012 17:34 <DIR> Intel WiDi
26.01.2017 13:08 <DIR> M-Photo_Ltd
14.04.2017 14:07 <DIR> Microsoft
10.08.2014 13:53 <DIR> NVIDIA
10.08.2014 13:53 <DIR> NVIDIA Corporation
02.03.2016 18:19 <DIR> Opera Software
16.10.2012 15:08 <DIR> Power2Go
08.09.2013 11:11 <DIR> Programs
09.11.2012 20:58 7˙608 Resmon.ResmonCfg
14.06.2016 16:35 <DIR> Skype
03.01.2017 12:05 <DIR> Steam
14.11.2018 22:08 <DIR> Temp
24.10.2012 18:04 <DIR> VirtualStore
20.11.2016 17:15 <DIR> Wickr, LLC
04.11.2015 15:59 <DIR> Windows Live
03.06.2014 21:25 <DIR> Windows Live Writer
13.06.2014 11:08 <DIR> {0ED61C64-B60A-4347-BBD8-605B01279FFD}
03.06.2014 21:25 <DIR> {1D2B8AA2-095F-4B90-8BA1-8C788D259F30}
13.06.2014 11:07 <DIR> {6CA5ADC4-8A83-4697-A4B7-A7184F5D27B7}
04.11.2015 16:00 <DIR> {7D01A440-397C-4A33-B316-5BC66D4216B4}
15.02.2016 23:06 <DIR> {8C6232F4-A3F2-4BD4-93CA-ABA4DA237A37}
03.06.2014 21:25 <DIR> {CBBA37DD-8367-4EC7-9F8A-6D1CE0E1B942}
16.10.2012 16:21 <DIR> {DDA9D3C1-77BF-45D0-9CE2-E1CC08F0C4C1}
Soubor…: 3, Bajt…: 136˙560
Adres ý…: 44, Volněch bajt…: 55˙109˙111˙808

========= End of CMD: =========


========= dir "%appdata%" =========

Svazek v jednotce C je OS.
S‚riov‚ źˇslo svazku je 943E-AD2E.

Věpis adres ýe C:\Users\Michael\AppData\Roaming

30.10.2018 13:11 <DIR> .
30.10.2018 13:11 <DIR> ..
16.10.2012 17:56 <DIR> Adobe
17.10.2012 18:11 <DIR> Apple Computer
28.11.2012 17:06 <DIR> ASUS WebStorage
12.12.2016 16:16 <DIR> Audacity
28.12.2013 13:02 <DIR> AVAST Software
04.06.2013 10:23 <DIR> Bioshock
08.05.2017 11:30 <DIR> Canneverbe Limited
08.05.2017 11:21 <DIR> CyberLink
09.07.2018 16:52 <DIR> DAEMON Tools Lite
14.06.2018 10:32 <DIR> dvdcss
03.05.2014 17:17 <DIR> Identities
29.12.2016 20:57 99˙384 inst.exe
16.10.2012 14:50 <DIR> Intel
16.10.2012 17:07 <DIR> Macromedia
14.07.2009 08:44 <DIR> Media Center Programs
12.12.2013 20:34 <DIR> Mount&Blade Warband
01.08.2013 21:29 <DIR> NVIDIA
01.12.2013 23:10 <DIR> OpenOffice
16.10.2012 19:43 <DIR> OpenOffice.org
02.03.2016 18:19 <DIR> Opera Software
29.12.2016 20:57 7˙859 pcouffin.cat
29.12.2016 20:57 1˙167 pcouffin.inf
29.12.2016 20:57 55 pcouffin.log
29.12.2016 20:57 82˙816 pcouffin.sys
20.01.2017 19:40 <DIR> PhotoFiltre 7
20.01.2017 20:58 <DIR> PhotoFiltre Studio X
10.01.2018 21:45 <DIR> PhotoScape
14.11.2017 12:05 <DIR> Skype
14.11.2018 16:55 380 sp_data.sys
11.06.2015 20:40 <DIR> TeamViewer
30.10.2018 13:11 <DIR> Tracker Software
24.01.2013 13:49 <DIR> Ubisoft
23.06.2018 09:43 <DIR> uTorrent
29.10.2012 19:19 <DIR> VitySoft
15.06.2018 09:23 <DIR> vlc
29.12.2016 20:57 <DIR> VSO
03.06.2014 21:25 <DIR> Windows Live Writer
17.10.2012 13:36 <DIR> WinRAR
13.06.2013 00:14 <DIR> XRay Engine
Soubor…: 6, Bajt…: 191˙661
Adres ý…: 35, Volněch bajt…: 55˙109˙107˙712

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 43203053 B
Java, Flash, Steam htmlcache => 662649839 B
Windows/system/drivers => 137204680 B
Edge => 0 B
Chrome => 783643393 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 50088 B
systemprofile32 => 33618 B
LocalService => 0 B
NetworkService => 0 B
UpdatusUser => 0 B
Michael => 114510667 B

RecycleBin => 0 B
EmptyTemp: => 1.6 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 14-11-2018 22:21:42)


Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\VBoxAswDrv => could not remove, key could be protected

==== End of Fixlog 22:21:43 ====
Obrázek

mikeav
Návštěvník
Návštěvník
Příspěvky: 100
Registrován: 04 říj 2008 19:23

Re: preventivni kontrola

#9 Příspěvek od mikeav »

po tomto zásahu mi přestal fungovat google chrome tak jak by měl
Obrázek

altrok
Moderátor
Moderátor
Příspěvky: 7257
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: preventivni kontrola

#10 Příspěvek od altrok »

Co si mám představit pod pojmem "tak jak by měl"? Poprosím o podrobnější popis, jak Chrome dříve fungoval a jak funguje teď.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

mikeav
Návštěvník
Návštěvník
Příspěvky: 100
Registrován: 04 říj 2008 19:23

Re: preventivni kontrola

#11 Příspěvek od mikeav »

Když např. otevřu v prohlížeči svůj gmail, tak se nenačte a i další stránky se přestanou načítat. Dále YT videa se načítají velmi pomalu a to platí i o Messengeru na FB. Nemohlo dojít k nějakému poškození pluginů?
Obrázek

altrok
Moderátor
Moderátor
Příspěvky: 7257
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: preventivni kontrola

#12 Příspěvek od altrok »

Jediné, co se provádělo s Chromem, bylo vyprázdnění jeho cache. Napadá mě maximálně Chrome zazálohovat (zalozky a hesla napr. pomoci http://www.stahuj.centrum.cz/internet_a ... me-backup/ ) a následně jej přeinstalovat.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

Odpovědět