
Request for a check and help


#1 Post by William_CZ »

Hello everyone, I'm asking for help. I'm sending logs from RSIT and FRST for assessment. The computer keeps freezing.

Alternatively, I'd like help with how to permanently TURN OFF Windows updates. I have a Mini PC from Acer with a 16GB HDD, and the updates make my life quite unpleasant. Either they report that they cannot be installed due to lack of space, get deleted, and the attempt to download and install them is stupidly repeated all over again. Or it reports this already while the update is downloading, the files get deleted, and the download immediately starts again. It can't be turned off anywhere. Could someone please advise me how to turn off these AGGRESSIVE updates? I have a legal copy of Windows with that mini PC, and I'd almost rather not have it... Thank you for any advice.


ADDITION:
********************************************************
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.11.2018
Ran by minipc (17-11-2018 13:11:50)
Running from C:\Users\minipc\Desktop
Windows 10 Home Version 1709 16299.547 (X64) (2018-03-03 20:46:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1702915684-628408484-2569768411-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1702915684-628408484-2569768411-503 - Limited - Disabled)
Guest (S-1-5-21-1702915684-628408484-2569768411-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1702915684-628408484-2569768411-1005 - Limited - Enabled)
minipc (S-1-5-21-1702915684-628408484-2569768411-1001 - Administrator - Enabled) => C:\Users\minipc
WDAGUtilityAccount (S-1-5-21-1702915684-628408484-2569768411-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
FW: Bitdefender Firewall (Disabled) {362C5A58-E860-6396-9204-BEEEF20CA463}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3038 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Jumpstart (HKLM-x32\...\{4B92BFBE-917D-4FA1-97E9-DB9D91286E90}) (Version: 3.0.18135.100 - Acer)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3001 - Acer Incorporated)
Acer Revo Suite (HKLM\...\{CD0ADB6F-8605-4102-BD68-9A365A652446}) (Version: 1.00.3016 - Acer Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.148 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
Backup and Sync from Google (HKLM\...\{608EBDC6-D18A-4CF6-AD54-EE6B71D29065}) (Version: 3.43.1584.4446 - Google, Inc.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.25.59 - Bitdefender)
Bitdefender Internet Security (HKLM\...\Bitdefender) (Version: 22.0.1.1 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 5.45 - Piriform)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3013 - Acer Incorporated)
EaseUS Todo Backup Free 10.6 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 10.6 - CHENGDU YIWO Tech Development Co., Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
HappyFoto-Designer 5.4 (HKLM-x32\...\HappyFoto-Designer_is1) (Version: - )
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10604.207 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4320 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1094 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{4DA9DC19-4E1D-4B10-A726-A5F2A1BC7265}) (Version: 18.1.1546.2762 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{a2733506-e526-4bae-bc12-b2d37e2016ec}) (Version: 18.30.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Kodi (HKU\S-1-5-21-1702915684-628408484-2569768411-1001\...\Kodi) (Version: - XBMC-Foundation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mouse Server verze 1.7.7.5 (HKLM-x32\...\{7AFAA880-BB05-4E38-9279-C53EECE1B7BE}_is1) (Version: 1.7.7.5 - Necta Inc.)
Mozilla Firefox 63.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 63.0.3 (x64 en-US)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 63.0.3.6892 - Mozilla)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.29094 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.26558 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Wise Auto Shutdown 1.6.2 (HKLM-x32\...\Wise Auto Shutdown_is1) (Version: 1.6.2 - WiseCleaner.com, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-11-30] (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {144F857A-5A16-4C9D-A5A0-78B0D6E94B19} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-14] (Adobe Systems Incorporated)
Task: {1E3D3F0D-0E9A-4E0E-A0EC-CFF061555B5D} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2017-05-24] ()
Task: {27EF378B-EAD9-4A99-ADC1-9BBBFFC41A5A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-26] (Google Inc.)
Task: {3E78D987-B76E-4C8E-8219-FED27A1A6E34} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {3EF15D2D-D4D4-4DA6-B7DF-6515BE8DD0B7} - System32\Tasks\CCleaner Update
Task: {4945B1CC-FA44-4D81-BAA1-EA64ED62F90F} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-11-25] ()
Task: {4A7C50E0-1BD4-44F7-BAF8-EB76670D650B} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-11-25] (Acer Incorporated)
Task: {4BEB83E8-062C-4264-898D-836693D3F78A} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_148_Plugin.exe [2018-11-14] (Adobe Systems Incorporated)
Task: {532801AF-8957-4573-B3B0-619EF8A64570} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {5CEEA067-3CF8-4C37-B8F3-51C456648520} - System32\Tasks\Wise Auto Shutdown Task.job => C:\Program Files (x86)\Wise\Wise Auto Shutdown\WiseAutoShutdown.exe [2017-07-13] (WiseCleaner.COM)
Task: {6AB9609F-1205-44F4-B526-C36E9C1526FB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-07-20] (Piriform Ltd)
Task: {6DCCD660-8E6C-4D6A-9136-F861FD9388AA} - System32\Tasks\CareCenter\SecurityHealth_Reg_HKLMRun => C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29] (Microsoft Corporation)
Task: {7E95CD6C-FC42-469B-9056-512A3F8DA8EB} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2018-07-31] (Bitdefender)
Task: {8AC27D49-2316-4180-9A36-EC8027A26A4F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-26] (Google Inc.)
Task: {9CD10937-D1FB-4A6A-9627-515A01B2167B} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
Task: {A91F1C35-2A49-4B3D-840C-3B0324AE932D} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2017-09-26] (Acer Incorporated)
Task: {B20D7ABB-2B05-4EE1-919A-EB1D909153EF} - System32\Tasks\CareCenter\RTHDVCPL_Reg_HKLMRun => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-29] (Realtek Semiconductor)
Task: {C24B1F21-74E0-4204-9A36-EA78D5CDE123} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [2018-11-01] (Bitdefender)
Task: {C6F84A05-F20A-47CD-B206-1EC175F93ED8} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [2018-09-26] (Acer)
Task: {D4DE7F4D-C680-49B6-988E-2336D148EBA6} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2018-05-28] ()
Task: {F6987ABA-D4D0-4221-9E7D-6064F8A284EA} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2016-01-20] (Acer Incorporated)
Task: {F88954FE-FB7E-441D-AB5A-A57A70C345F5} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [2016-09-20] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-11-15 10:09 - 2018-11-15 10:09 - 000994752 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_02951_005\ashttpbr.mdl
2018-11-15 10:09 - 2018-11-15 10:09 - 000544880 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_02951_005\ashttpdsp.mdl
2018-11-15 10:09 - 2018-11-15 10:09 - 003240080 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_02951_005\ashttpph.mdl
2018-11-15 10:09 - 2018-11-15 10:09 - 001530368 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_02951_005\ashttprbl.mdl
2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-04-11 03:37 - 2015-11-30 20:51 - 000384104 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-03-03 21:59 - 2017-08-30 12:29 - 000260752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
2018-07-31 16:21 - 2018-06-29 09:00 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-07-31 16:22 - 2018-06-29 08:57 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-09-25 16:28 - 2018-01-24 08:46 - 000226816 _____ () C:\Program Files (x86)\Mouse Server\Mouse Server Luminati.exe
2018-10-04 19:44 - 2018-10-04 19:44 - 046459080 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2018-07-20 18:21 - 2018-07-20 18:21 - 000084808 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-11-17 09:10 - 2018-11-17 09:10 - 000113664 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\_ctypes.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000080896 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\bz2.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 001792512 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\_hashlib.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000128512 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\win32api.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000137728 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\pywintypes27.dll
2018-11-17 09:10 - 2018-11-17 09:10 - 000548864 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\pythoncom27.dll
2018-11-17 09:10 - 2018-11-17 09:10 - 000689664 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\unicodedata.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000438784 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\win32com.shell.shell.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 001489408 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\wx._core_.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 001007104 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\wx._gdi_.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 001039872 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\wx._windows_.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 001325056 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\wx._controls_.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000916992 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\wx._misc_.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 001084416 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\pysqlite2._sqlite.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000149504 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\win32file.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000136192 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\win32security.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000007680 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\hashobjs_ext.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000020992 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\thumbnails_ext.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000118784 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\usb_ext.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000047616 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\_socket.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 002224640 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\_ssl.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000014848 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\common.time34.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000023040 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\win32event.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000034304 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\windows.conditional.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000020480 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\windows.winwrap.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000110080 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\windows.volumes.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000223232 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\win32gui.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000173568 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\_elementtree.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000169472 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\pyexpat.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000048128 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\win32inet.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000103424 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\wx._html2.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000046080 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\_psutil_windows.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000633272 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\windows._cacheinvalidation.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000011776 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\win32crypt.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000301568 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\PIL._imaging.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000032256 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\_multiprocessing.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 005752320 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\cello.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000026112 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\_yappi.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000044032 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\win32process.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000027648 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\win32pipe.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000010752 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\select.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000029696 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\win32pdh.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000038400 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\windows.connectivity.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000073216 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\windows.device_monitor.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000020480 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\win32profile.pyd
2018-11-17 09:10 - 2018-11-17 09:10 - 000026624 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI35562\win32ts.pyd
2018-05-28 19:00 - 2018-05-28 19:00 - 004696880 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2018-11-14 07:56 - 2018-11-08 23:14 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libglesv2.dll
2018-11-14 07:56 - 2018-11-08 23:14 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libegl.dll
2018-03-03 21:59 - 2017-02-21 17:19 - 000083136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000019648 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000090816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2018-03-03 21:59 - 2016-03-07 18:08 - 001291264 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2018-03-03 21:59 - 2004-10-05 03:08 - 000055808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000024768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmcTbProxy.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000188608 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCPipeCenter.dll
2018-03-03 21:59 - 2017-08-30 12:25 - 000183440 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000163520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt_RTTO.dll
2018-03-03 21:59 - 2017-08-30 12:27 - 000055952 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBInfo.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000018112 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll
2018-03-03 21:58 - 2017-08-30 12:25 - 000061072 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2018-03-03 21:59 - 2017-09-04 17:39 - 000699024 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuActiveOnline.dll
2018-03-03 21:59 - 2017-08-30 12:26 - 000487568 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EULicenseDLL.DLL
2018-03-03 21:59 - 2017-08-30 12:26 - 000021648 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\fsclog.dll
2018-03-03 21:59 - 2017-08-30 12:26 - 000085648 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll
2018-03-03 21:59 - 2017-08-30 12:26 - 000032912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2018-03-03 21:59 - 2017-08-30 12:26 - 000070800 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll
2018-03-03 21:59 - 2017-08-30 12:26 - 000160400 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll
2018-03-03 21:59 - 2017-08-30 12:26 - 000296592 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000078528 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll
2018-03-03 21:59 - 2017-08-30 12:26 - 000305808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSUtil.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000210112 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000026304 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CallbackOperator.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000074432 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000142016 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll
2018-03-03 21:59 - 2017-09-11 14:28 - 000085136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll
2018-03-03 21:59 - 2017-08-30 12:26 - 000844944 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000195776 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000414400 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2018-03-03 21:59 - 2017-08-30 12:26 - 000162448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000029376 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000114368 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileStorage.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000026816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000022720 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll
2018-03-03 21:59 - 2017-08-30 12:26 - 000034448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000054464 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2018-03-03 21:58 - 2017-08-30 12:25 - 000026768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000066240 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll
2018-03-03 21:59 - 2017-08-30 12:26 - 000072848 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000221376 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000079040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2018-03-03 21:58 - 2017-08-30 12:25 - 000021648 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000138432 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000021696 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2018-03-03 21:59 - 2017-08-30 12:27 - 000074896 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SqlExBrowser.dll
2018-03-03 21:59 - 2017-08-30 12:27 - 000585872 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SqlSMOCPlusPlus.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000045248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll
2018-03-03 21:59 - 2017-08-30 12:25 - 000367760 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceManager.dll
2018-03-03 21:59 - 2017-08-30 12:25 - 000141456 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000149184 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000052416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000064192 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000091840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Common.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000058560 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000210112 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll
2018-09-25 16:28 - 2018-11-17 09:10 - 001400928 _____ () C:\Program Files (x86)\Mouse Server\lum_sdk32_clr.dll
2018-03-03 21:34 - 2018-03-03 21:34 - 000015136 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2017-09-26 12:35 - 2017-09-26 12:35 - 000013088 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2017-09-26 12:34 - 2017-09-26 12:34 - 000277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2018-11-17 12:17 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1702915684-628408484-2569768411-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg
DNS Servers: 81.19.33.2 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: Amazon Assistant Service => 2
MSCONFIG\Services: wuauserv => 3
HKU\S-1-5-21-1702915684-628408484-2569768411-1001\...\StartupApproved\Run: => "AcerPortal"
HKU\S-1-5-21-1702915684-628408484-2569768411-1001\...\StartupApproved\Run: => "OneDriveSetup"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{12D57DCD-C874-402C-B37D-592D6CD0AEB6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{F61216F0-8B69-4004-BC0E-7A26D7B6934A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{FBCE4A41-0783-4831-A03D-30C242408293}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{15709136-3E32-4142-B7A7-A056DBC475AA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{09F68003-B2E3-4352-8029-90108C4751D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9DECB815-A065-465B-87C6-948EA9743031}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{A33CC59E-5597-4598-BCA1-F3099DE6802D}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{793FC74E-A432-4CC9-A824-1D19A6A7578D}] => (Allow) C:\Program Files (x86)\Acer\Revo Suite\tvnserver.exe
FirewallRules: [TCP Query User{D7BE8FA1-A409-4BA8-8AD6-D87A4CFB0B71}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{920C2341-858B-4945-A4B4-E81E05396E67}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{16843FE9-A191-46D6-9630-804F18E8436F}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{2356B643-8EC2-474A-B2B0-1D8FC694B4EE}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{84A97062-76CD-452A-91BD-81D304684B79}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{49B2C9B4-A06C-4035-9FD1-90249EF11B07}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{5329D6B7-BB93-4105-AA55-74CC2D527928}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{77911D02-41CA-4B86-805F-AAA23D114B58}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{542BB1A2-27E3-48D9-AF50-7DC3C656B7E5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{FD462630-C713-4212-9FB9-96A914750882}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{3D98DAB1-93E0-4576-B91D-E60AB484CEBF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F1DB7840-A935-43A3-9DF6-FED9655F7FF5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F651906B-53B8-44F3-9D4B-236AF85645A5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{12C773E6-E130-42C0-B0E4-BE45A5BDD92B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{C43AAA33-B7F1-458A-A999-D143737AC9CA}C:\program files (x86)\mouse server\mouseserver.exe] => (Block) C:\program files (x86)\mouse server\mouseserver.exe
FirewallRules: [UDP Query User{57D3F572-2F26-4B3C-9351-54D454AD5F52}C:\program files (x86)\mouse server\mouseserver.exe] => (Block) C:\program files (x86)\mouse server\mouseserver.exe
FirewallRules: [{98A85E7D-4759-4D25-9F12-78A870122C73}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/17/2018 01:04:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x00000004
Posun chyby: 0x00007fff82a150d8
ID chybujícího procesu: 0x28d0
Čas spuštění chybující aplikace: 0x01d47e6dac8e2f13
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: 906e22f3-44a3-4995-8829-98b25e7ab88d
Úplný název chybujícího balíčku: Microsoft.Windows.Apprep.ChxApp_1000.16299.15.0_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App

Error: (11/17/2018 12:37:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: kodi.exe, verze: 17.3.0.0, časové razítko: 0x5925f940
Název chybujícího modulu: kodi.exe, verze: 17.3.0.0, časové razítko: 0x5925f940
Kód výjimky: 0xc0000005
Posun chyby: 0x001b7a70
ID chybujícího procesu: 0x15a4
Čas spuštění chybující aplikace: 0x01d47e4d890c8ff1
Cesta k chybující aplikaci: C:\Program Files (x86)\Kodi\kodi.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Kodi\kodi.exe
ID zprávy: 110c302f-0bca-4c56-adb0-ebdfc9eec5c8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/17/2018 09:09:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: igfxHK.exe, verze: 6.15.10.4320, časové razítko: 0x563cf118
Název chybujícího modulu: igfxHK.exe, verze: 6.15.10.4320, časové razítko: 0x563cf118
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000015953
ID chybujícího procesu: 0x25d8
Čas spuštění chybující aplikace: 0x01d47e4ce9f453d3
Cesta k chybující aplikaci: C:\WINDOWS\system32\igfxHK.exe
Cesta k chybujícímu modulu: C:\WINDOWS\system32\igfxHK.exe
ID zprávy: e17ad7ea-8aa3-4e1a-b090-256a98419edd
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/16/2018 05:39:34 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (11/16/2018 05:35:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: igfxHK.exe, verze: 6.15.10.4320, časové razítko: 0x563cf118
Název chybujícího modulu: igfxHK.exe, verze: 6.15.10.4320, časové razítko: 0x563cf118
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000015953
ID chybujícího procesu: 0x11a8
Čas spuštění chybující aplikace: 0x01d47dca64cacacc
Cesta k chybující aplikaci: C:\WINDOWS\system32\igfxHK.exe
Cesta k chybujícímu modulu: C:\WINDOWS\system32\igfxHK.exe
ID zprávy: 4cce777b-2375-4f25-9d18-bf2196b49dd1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/16/2018 02:48:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: igfxHK.exe, verze: 6.15.10.4320, časové razítko: 0x563cf118
Název chybujícího modulu: igfxHK.exe, verze: 6.15.10.4320, časové razítko: 0x563cf118
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000015953
ID chybujícího procesu: 0x13dc
Čas spuštění chybující aplikace: 0x01d47db2fdef3c64
Cesta k chybující aplikaci: C:\WINDOWS\system32\igfxHK.exe
Cesta k chybujícímu modulu: C:\WINDOWS\system32\igfxHK.exe
ID zprávy: b7d7e436-171d-4ac0-96a4-f5e9de22824e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/16/2018 01:18:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: kodi.exe, verze: 17.3.0.0, časové razítko: 0x5925f940
Název chybujícího modulu: ntdll.dll, verze: 10.0.16299.547, časové razítko: 0xaeec4354
Kód výjimky: 0xc0000005
Posun chyby: 0x0002c236
ID chybujícího procesu: 0x2a70
Čas spuštění chybující aplikace: 0x01d47da66058ca4e
Cesta k chybující aplikaci: C:\Program Files (x86)\Kodi\kodi.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 9f9dd098-ba6f-469a-bfad-be5a7e196696
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/16/2018 01:13:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: kodi.exe, verze: 17.3.0.0, časové razítko: 0x5925f940
Název chybujícího modulu: ntdll.dll, verze: 10.0.16299.547, časové razítko: 0xaeec4354
Kód výjimky: 0xc0000008
Posun chyby: 0x0002c2d8
ID chybujícího procesu: 0x2894
Čas spuštění chybující aplikace: 0x01d47da5b212d0f1
Cesta k chybující aplikaci: C:\Program Files (x86)\Kodi\kodi.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 66759e6b-c069-4266-b80a-2e93140497e4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (11/17/2018 01:11:39 PM) (Source: DCOM) (EventID: 10016) (User: MINIPC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli MINIPC\minipc (SID: S-1-5-21-1702915684-628408484-2569768411-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/17/2018 01:07:39 PM) (Source: DCOM) (EventID: 10016) (User: MINIPC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli MINIPC\minipc (SID: S-1-5-21-1702915684-628408484-2569768411-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/17/2018 12:37:33 PM) (Source: DCOM) (EventID: 10016) (User: MINIPC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli MINIPC\minipc (SID: S-1-5-21-1702915684-628408484-2569768411-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/17/2018 09:09:50 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/17/2018 09:09:50 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/16/2018 05:36:03 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (11/16/2018 05:35:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/16/2018 05:35:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2018-03-03 21:45:47.201
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2018-03-03 21:45:46.563
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte zařízení.

CodeIntegrity:
===================================

Date: 2018-11-16 17:36:03.766
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-11-16 14:48:32.940
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-11-13 17:42:52.109
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-11-13 15:05:06.845
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-11-13 13:42:20.789
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-11-12 19:01:45.993
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-11-05 11:29:09.694
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-10-29 11:38:57.597
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU J3060 @ 1.60GHz
Percentage of memory in use: 70%
Total physical RAM: 4008.27 MB
Available physical RAM: 1165.24 MB
Total Virtual: 7109.57 MB
Available Virtual: 1346.2 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:27.69 GB) (Free:1 GB) NTFS
Drive d: (Elements) (Fixed) (Total:931.48 GB) (Free:685.67 GB) NTFS

\\?\Volume{5a2cda7b-7fdc-453b-b742-9474a01960e2}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32
\\?\Volume{d326e7b4-e275-4f66-a221-c789383e95ae}\ () (Fixed) (Total:0.83 GB) (Free:0.45 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 29.1 GB) (Disk ID: 9AC8192F)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 16F2A91F)

Partition: GPT.

==================== End of Addition.txt ============================

FRST
******************************************************************
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.11.2018
Ran by minipc (administrator) on MINIPC (17-11-2018 13:05:34)
Running from C:\Users\minipc\Desktop
Loaded Profiles: minipc (Available Profiles: minipc)
Platform: Windows 10 Home Version 1709 16299.547 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Revo Suite\SmartControlService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Revo Suite\RevoSuiteTray.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(WiseCleaner.COM) C:\Program Files (x86)\Wise\Wise Auto Shutdown\WiseAutoShutdown.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
() C:\Windows\System32\igfxTray.exe
() C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(wifimouse.necta.us) C:\Program Files (x86)\Mouse Server\MouseServer.exe
() C:\Program Files (x86)\Mouse Server\Mouse Server Luminati.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxcr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxcr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Luminati Networks Ltd.) C:\Program Files (x86)\Mouse Server\Luminati\net_svc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16165632 2015-07-29] (Realtek Semiconductor)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1702915684-628408484-2569768411-1001\...\Run: [MouseServer] => C:\Program Files (x86)\Mouse Server\MouseServer.exe [520704 2018-01-24] (wifimouse.necta.us)
HKU\S-1-5-21-1702915684-628408484-2569768411-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18534016 2018-07-20] (Piriform Ltd)
HKU\S-1-5-21-1702915684-628408484-2569768411-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46459080 2018-10-04] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 81.19.33.2 8.8.8.8 192.168.0.254
Tcpip\..\Interfaces\{9ed2e04c-6c5e-405c-a48c-05395046273d}: [DhcpNameServer] 81.19.33.2 8.8.8.8 192.168.0.254
Tcpip\..\Interfaces\{f289421b-9179-4ab4-8c94-6ade08d0c204}: [DhcpNameServer] 81.19.33.2 8.8.8.8 192.168.0.254

Internet Explorer:
==================
HKU\S-1-5-21-1702915684-628408484-2569768411-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-1702915684-628408484-2569768411-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-1702915684-628408484-2569768411-1001 -> DefaultScope {3469702A-231C-458B-B233-38E301FEB16A} URL =
SearchScopes: HKU\S-1-5-21-1702915684-628408484-2569768411-1001 -> {3469702A-231C-458B-B233-38E301FEB16A} URL =
BHO: Bitdefender - Portmonka -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-09-24] (Bitdefender)
BHO-x32: Bitdefender - Portmonka -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-09-24] (Bitdefender)
Toolbar: HKLM - Bitdefender - Portmonka - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-09-24] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender - Portmonka - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-09-24] (Bitdefender)

FireFox:
========
FF DefaultProfile: 85l001sa.default
FF ProfilePath: C:\Users\minipc\AppData\Roaming\Mozilla\Firefox\Profiles\85l001sa.default [2018-11-17]
FF Homepage: Mozilla\Firefox\Profiles\85l001sa.default -> www.seznam.cz/
FF Extension: (Czech (CZ) Language Pack) - C:\Users\minipc\AppData\Roaming\Mozilla\Firefox\Profiles\85l001sa.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2018-10-28]
FF Extension: (Vývojové sestavení Adblock Plus) - C:\Users\minipc\AppData\Roaming\Mozilla\Firefox\Profiles\85l001sa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-11-15]
FF Extension: (Firefox Monitor) - C:\Users\minipc\AppData\Roaming\Mozilla\Firefox\Profiles\85l001sa.default\features\{8e21837e-ae65-4692-93e6-876e3e46c2f4}\fxmonitor@mozilla.org.xpi [2018-11-15]
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com [2017-07-27] [Legacy]
FF Extension: (Czech (CZ) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-cs@firefox.mozilla.org [2017-07-27] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2017-07-27] [Legacy]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2018-09-24]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2018-02-27] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_148.dll [2018-11-14] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_148.dll [2018-11-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default [2018-11-17]
CHR Extension: (Disk Google) - C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-17]
CHR Extension: (Výdaje na dům mimo firmu - Tabulky Go...) - C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcdgieepoenbckmnicdpgcjldnnnjlnl [2017-07-30]
CHR Extension: (Right Click Google Translator) - C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmkdgglkocfpfmlpfmldpmebkceelhif [2017-12-18]
CHR Extension: (Tampermonkey) - C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-11-17]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2018-08-02]
CHR Extension: (Bitdefender Wallet) - C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2018-03-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-22]
CHR Extension: (AdBlock) - C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-11-17]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-07-30]
CHR Extension: (Chrono správce stahování) - C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2018-09-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-22]
CHR Extension: (Chrome Media Router) - C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-17]
CHR HKU\S-1-5-21-1702915684-628408484-2569768411-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\minipc\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2018-09-30]
CHR HKU\S-1-5-21-1702915684-628408484-2569768411-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [779152 2018-11-01] (Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [779152 2018-11-01] (Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195320 2018-09-24] (Bitdefender)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2278688 2017-09-26] (Acer Incorporated)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [40080 2017-08-30] (CHENGDU YIWO Tech Development Co., Ltd)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1392792 2015-09-17] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190216 2016-10-14] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [353896 2015-11-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [887784 2015-09-03] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1284032 2018-07-31] (Bitdefender)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [481696 2016-01-20] (Acer Incorporated)
S3 revosuitevncserver; C:\Program Files (x86)\Acer\Revo Suite\tvnserver.exe [2122240 2016-03-18] (GlavSoft LLC.) [File not signed]
R2 SmartControlService; C:\Program Files (x86)\Acer\Revo Suite\SmartControlService.exe [1089440 2016-03-18] (Acer Incorporated)
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [112144 2018-11-01] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe [804144 2018-11-01] (Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\NisSrv.exe [356152 2018-03-03] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MsMpEng.exe [106280 2018-03-03] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1292296 2018-10-18] (BitDefender S.R.L. Bucharest, ROMANIA)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1723552 2018-05-23] (BitDefender)
R2 BdDci; C:\WINDOWS\System32\DRIVERS\bddci.sys [156912 2018-11-01] (Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23032 2018-05-23] (Bitdefender)
R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [45728 2018-10-18] (© Bitdefender SRL)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96448 2018-05-23] (BitDefender)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [57304 2015-09-17] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52200 2015-09-17] (Intel Corporation)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-10-25] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-10-25] (Disc Soft Ltd)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260072 2015-09-17] (Intel Corporation)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [62528 2018-01-03] ()
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [193184 2018-09-24] (BitDefender LLC)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [250624 2016-10-14] (Intel Corporation)
R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [7279504 2015-11-30] (Intel Corporation)
R0 Ignis; C:\WINDOWS\System32\DRIVERS\ignis.sys [191592 2018-05-23] (Bitdefender)
S3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2017-09-29] (Intel Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [337920 2017-05-07] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [609576 2018-08-02] (Bitdefender)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146200 2015-10-15] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-03-03] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [288296 2018-03-03] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129568 2018-03-03] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-17 13:05 - 2018-11-17 13:06 - 000020427 ____C C:\Users\minipc\Desktop\FRST.txt
2018-11-17 13:05 - 2018-11-17 13:05 - 000000000 ____D C:\FRST
2018-11-17 13:03 - 2018-11-17 13:03 - 002416128 ____C (Farbar) C:\Users\minipc\Desktop\FRST64.exe
2018-11-17 13:01 - 2018-11-17 13:01 - 001222144 ____C C:\Users\minipc\Desktop\RSITx64.exe
2018-11-05 11:28 - 2018-11-06 09:34 - 000000000 ____D C:\WINDOWS\Minidump
2018-11-04 04:56 - 2018-11-17 11:04 - 000000000 ____D C:\WINDOWS\Panther
2018-11-04 04:56 - 2018-11-04 04:56 - 000000000 ___HD C:\$WINDOWS.~BT
2018-11-03 14:33 - 2018-11-03 14:33 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2018-11-03 14:33 - 2018-11-03 14:33 - 000000000 ____D C:\Users\Default User\AppData\Local\Google

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-17 13:04 - 2018-03-03 21:33 - 000000000 ___DC C:\Users\minipc\AppData\Local\Packages
2018-11-17 13:04 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-11-17 12:56 - 2018-03-03 21:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-11-17 12:37 - 2017-07-26 19:49 - 000000000 ___DC C:\Users\minipc\AppData\Roaming\Kodi
2018-11-17 11:44 - 2017-07-29 09:59 - 000000000 ___DC C:\Users\minipc\AppData\LocalLow\Mozilla
2018-11-17 09:10 - 2018-09-25 16:28 - 000000000 ____D C:\Program Files (x86)\Mouse Server
2018-11-17 09:09 - 2017-07-30 20:22 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-11-17 09:09 - 2017-07-26 04:16 - 000000000 _SHDC C:\Users\minipc\IntelGraphicsProfiles
2018-11-16 17:42 - 2018-03-03 21:45 - 004358802 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-16 17:42 - 2017-09-30 15:31 - 002016416 _____ C:\WINDOWS\system32\perfh005.dat
2018-11-16 17:42 - 2017-09-30 15:31 - 000540924 _____ C:\WINDOWS\system32\perfc005.dat
2018-11-16 17:35 - 2018-03-03 21:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-11-16 17:35 - 2018-02-02 18:57 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-11-16 17:35 - 2017-07-27 11:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-11-16 17:35 - 2016-08-17 20:32 - 000000000 ____D C:\WINDOWS\system32\DebugLog
2018-11-16 17:35 - 2016-04-11 02:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-16 17:34 - 2018-03-03 14:07 - 000029470 _____ C:\bdlog.txt
2018-11-16 17:34 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-11-16 14:49 - 2016-04-11 02:56 - 000001236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-11-16 14:46 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-11-16 13:45 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2018-11-16 13:45 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-11-16 13:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-11-16 07:01 - 2017-07-27 10:16 - 000000000 ____D C:\Program Files\rempl
2018-11-14 18:21 - 2018-05-10 07:20 - 000835168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-11-14 18:21 - 2018-05-10 07:20 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-14 18:21 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-11-14 18:21 - 2017-07-27 10:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-11-14 18:16 - 2017-07-27 10:02 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-11-14 07:56 - 2017-07-26 12:45 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-14 07:56 - 2017-07-26 12:45 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-11-14 07:53 - 2018-03-13 19:30 - 000004638 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-11-14 07:53 - 2018-03-03 21:45 - 000004506 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-11-14 07:53 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-11-14 07:53 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-11-14 07:53 - 2017-09-29 09:45 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2018-11-13 17:50 - 2018-03-03 21:32 - 000000000 ___DC C:\Users\minipc
2018-11-07 08:09 - 2018-09-26 06:18 - 000000000 ____D C:\Windows10Upgrade
2018-11-06 09:50 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-11-03 14:36 - 2018-09-30 08:09 - 000002077 _____ C:\Users\Public\Desktop\Google Slides.lnk
2018-11-03 14:36 - 2018-09-30 08:09 - 000002075 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2018-11-03 14:36 - 2018-09-30 08:09 - 000002065 _____ C:\Users\Public\Desktop\Google Docs.lnk
2018-11-03 14:36 - 2018-09-30 08:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-11-01 14:36 - 2018-09-24 06:14 - 000156912 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2018-10-19 13:59 - 2018-03-03 14:02 - 000000000 ____D C:\ProgramData\BDLogging
2018-10-18 10:07 - 2018-03-03 14:00 - 000045728 _____ (© Bitdefender SRL) C:\WINDOWS\system32\Drivers\bdprivmon.sys
2018-10-18 10:00 - 2018-05-23 13:39 - 001292296 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys

==================== Files in the root of some directories =======

2017-07-28 19:31 - 2017-07-28 19:31 - 000007597 ____C () C:\Users\minipc\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-03 21:29

==================== End of FRST.txt ============================


RSIT
********************************************************
Logfile of random's system information tool 1.10 (written by random/random)
Run by minipc at 2018-11-17 13:18:12
Microsoft Windows 10 Home
System drive C: has 1 GB (4%) free of 28 GB
Total RAM: 4008 MB (21% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:18:23, on 17.11.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0371)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Wise\Wise Auto Shutdown\WiseAutoShutdown.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Mouse Server\MouseServer.exe
C:\Program Files (x86)\Mouse Server\Mouse Server Luminati.exe
C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
C:\Program Files\trend micro\minipc.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer15.msn.com/?pc=ACTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer15.msn.com/?pc=ACTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Bitdefender - Portmonka - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O3 - Toolbar: Bitdefender - Portmonka - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O4 - HKCU\..\Run: [MouseServer] "C:\Program Files (x86)\Mouse Server\MouseServer.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Bitdefender Auxiliary Service (BDAuxSrv) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
O23 - Service: Bitdefender Protected Service (BDProtSrv) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
O23 - Service: Bitdefender RedLine Service (bdredline) - Bitdefender - C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EaseUS Agent Service (EaseUS Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @oem30.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\WINDOWS\SysWOW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem1.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: Quick Access Service (QASvc) - Acer Incorporated - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service: RevoSuiteVNC Server (revosuitevncserver) - GlavSoft LLC. - C:\Program Files (x86)\Acer\Revo Suite\tvnserver.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Smart Control Service (SmartControlService) - Acer Incorporated - C:\Program Files (x86)\Acer\Revo Suite\SmartControlService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 9873 bytes

======Listing Processes======

C:\WINDOWS\system32\lsass.exe
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-a79b319b-198b-469f-8acf-266ffb040d65 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-9d8ec757-003f-4e6b-bcb8-cb8020184642 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-a57f0c6e-b344-4976-b98a-3a3709f524de -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-9c77f7e8-c965-4249-a3d2-cfdcef9bb2ae -LifetimeId:02c56151-ddc0-4121-adf1-ebbae8cbab01 -DeviceGroupId:
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-1f983f6a-153e-4fc0-b689-925a1452e1d4 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-2b4cb1fd-db61-4e9d-b9ec-580972cb872b -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-4bf0a9fd-577b-4f3d-ac1b-0647abdc7cfc -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-07a20245-bcad-435b-90f8-d797b1569e57 -LifetimeId:8f61729f-867f-41a5-b13a-49699d933333 -DeviceGroupId:WudfDefaultDevicePool
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s BthHFSrv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k localservice -p -s nsi
"C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe" /service
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
dashost.exe {2cb096d7-4c30-4c36-9bb1496389559550}
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
"C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe" "settings\services\configs\bdauxsrv_config.json"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-cf5f8e97-f321-4172-856b-2c3755c47c45 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-e60d7fd8-e794-4e75-b7eb-ebdc5a215907 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-8f16f67c-ce0d-4d53-9e12-63b3d8fbde00 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-806848dd-3cdf-41d0-b840-05b87c07aa26 -LifetimeId:d8edcf33-b022-41e8-ad90-948768d3e9db -DeviceGroupId:WpdFsGroup
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache

c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService

"C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe"
"C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe"
C:\WINDOWS\SysWOW64\esif_uf.exe
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\WINDOWS\system32\ibtsiva
C:\WINDOWS\System32\svchost.exe -k utcsvc -p

"C:\Program Files\Bitdefender Agent\ProductAgentService.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
"c:\program files (x86)\acer\revo suite\smartcontrolservice.exe"
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"

"C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe" /service
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe" -r "C:\Users\minipc\AppData\Local\AOP SDK\Acer Infra\acer\SyncAgent" -u S-1-5-21-1702915684-628408484-2569768411-1001 -c 660 -s 476 -g "C:\ProgramData\acer\CCD"
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
C:\WINDOWS\System32\vds.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Acer\Acer Quick Access\QASvc.exe"
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s wcncsvc
C:\WINDOWS\system32\AUDIODG.EXE 0x4f4
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
"C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe"
"C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe"
"C:\Program Files\rempl\sedsvc.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s upnphost
-login
"C:\WINDOWS\TEMP\DPTF\esif_assist_64.exe"
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\Wise\Wise Auto Shutdown\WiseAutoShutdown.exe" -a
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe "
igfxEM.exe
C:\WINDOWS\Explorer.EXE
igfxTray.exe
"C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe"
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer13_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer13_Logfile.log
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Acer\Acer Quick Access\QAAgent.exe"
"ctfmon.exe"
"C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Mouse Server\MouseServer.exe"
"Mouse Server Luminati.exe"
"C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe" task
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files (x86)\Acer\Care Center\ACCStd.exe"
"C:\Program Files\rempl\sedlauncher.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="176.0.997217855\1334036595" -parentBuildID 20181114214635 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - "C:\Users\minipc\AppData\LocalLow\Mozilla\Temp-{d3f58fea-62a1-492f-b27c-66ccb567ba01}" 176 "\\.\pipe\gecko-crash-server-pipe.176" 1352 gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="176.3.1955448078\2004307609" -childID 1 -isForBrowser -prefsHandle 2008 -prefMapHandle 2168 -prefsLen 1 -prefMapSize 186102 -schedulerPrefs 0001,2 -parentBuildID 20181114214635 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 176 "\\.\pipe\gecko-crash-server-pipe.176" 1032 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="176.13.1140141468\556346604" -childID 2 -isForBrowser -prefsHandle 2012 -prefMapHandle 2884 -prefsLen 177 -prefMapSize 186102 -schedulerPrefs 0001,2 -parentBuildID 20181114214635 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 176 "\\.\pipe\gecko-crash-server-pipe.176" 2952 tab
"C:\Program Files\Bitdefender\Bitdefender Security\bdwtxcr.exe" "C:\Program Files\Bitdefender\Bitdefender Security\bdwtxff.json" bdwtwe@bitdefender.com
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="176.20.850082400\1660546325" -childID 3 -isForBrowser -prefsHandle 3512 -prefMapHandle 3476 -prefsLen 4907 -prefMapSize 186102 -schedulerPrefs 0001,2 -parentBuildID 20181114214635 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 176 "\\.\pipe\gecko-crash-server-pipe.176" 3472 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="176.27.2065489608\1601496801" -childID 4 -isForBrowser -prefsHandle 4840 -prefMapHandle 4444 -prefsLen 5144 -prefMapSize 186102 -schedulerPrefs 0001,2 -parentBuildID 20181114214635 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 176 "\\.\pipe\gecko-crash-server-pipe.176" 4860 tab
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\minipc\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\minipc\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=70.0.3538.102 --initial-client-data=0x1d0,0x1d4,0x1d8,0x1cc,0x1dc,0x7fff676054d0,0x7fff676054e0,0x7fff676054f0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=10400 --on-initialized-event-handle=648 --parent-handle=652 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1304,15962259608044788079,1169365735887454669,131072 --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=11858981629996205600 --mojo-platform-channel-handle=1332 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1304,15962259608044788079,1169365735887454669,131072 --service-pipe-token=1962176291043003329 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=1962176291043003329 --renderer-client-id=3 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2128 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1304,15962259608044788079,1169365735887454669,131072 --service-pipe-token=17626586435573349336 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=17626586435573349336 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2364 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1304,15962259608044788079,1169365735887454669,131072 --service-pipe-token=3595609331257102282 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=3595609331257102282 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2388 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1304,15962259608044788079,1169365735887454669,131072 --service-pipe-token=5332973123196234347 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=5332973123196234347 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1304,15962259608044788079,1169365735887454669,131072 --service-pipe-token=1194491190146320788 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=1194491190146320788 --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6028 /prefetch:1
C:\WINDOWS\system32\cmd.exe /d /c "C:\Program Files\Bitdefender\Bitdefender Security\bdwtxcr.exe" chrome-extension://gannpgaobkkhmpomoijebaigcapoeebl/ --parent-window=0 < \\.\pipe\chrome.nativeMessaging.in.3b227d20b62ae143 > \\.\pipe\chrome.nativeMessaging.out.3b227d20b62ae143
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Bitdefender\Bitdefender Security\bdwtxcr.exe" chrome-extension://gannpgaobkkhmpomoijebaigcapoeebl/ --parent-window=0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1304,15962259608044788079,1169365735887454669,131072 --service-pipe-token=7031124743154747189 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=7031124743154747189 --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1
taskhostw.exe
"C:\Program Files (x86)\Mouse Server\Luminati\net_svc.exe" --workdir "C:/Program Files (x86)/Mouse Server/Luminati" --no-root --parent-die-stdin --sdk --appid win_wifimouse.necta.us
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1304,15962259608044788079,1169365735887454669,131072 --service-pipe-token=12545859550578469691 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=12545859550578469691 --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7892 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1304,15962259608044788079,1169365735887454669,131072 --service-pipe-token=2900774420170742521 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=2900774420170742521 --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5600 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1304,15962259608044788079,1169365735887454669,131072 --service-pipe-token=8737144493532691713 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=8737144493532691713 --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5844 /prefetch:1
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1304,15962259608044788079,1169365735887454669,131072 --service-pipe-token=13286237608348413616 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=13286237608348413616 --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1832 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1304,15962259608044788079,1169365735887454669,131072 --service-pipe-token=12476797101734525118 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=12476797101734525118 --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2292 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1304,15962259608044788079,1169365735887454669,131072 --service-pipe-token=14994660398561813936 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=14994660398561813936 --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10052 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe23_ Global\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 744 748 756 8192 752
C:\Windows\System32\smartscreen.exe -Embedding

C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
"C:\Users\minipc\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Bitdefender\Bitdefender Security\downloader.exe" /download /trace /stopevent 1504
\??\C:\WINDOWS\system32\conhost.exe 0x4

=========Mozilla firefox=========

ProfilePath - C:\Users\minipc\AppData\Roaming\Mozilla\Firefox\Profiles\85l001sa.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz/"

"bdwtwe@bitdefender.com"=C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 31.0.0.148 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_148.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 31.0.0.148 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_148.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender - Portmonka - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-09-24 647696]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender - Portmonka - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-09-24 602040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender - Portmonka - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-09-24 647696]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender - Portmonka - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-09-24 602040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-29 16165632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MouseServer"=C:\Program Files (x86)\Mouse Server\MouseServer.exe [2018-01-24 520704]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2018-07-20 18534016]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe [2018-10-04 46459080]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2018-11-17 13:18:12 ----D---- C:\rsit
2018-11-17 13:18:12 ----D---- C:\Program Files\trend micro
2018-11-17 13:05:19 ----D---- C:\FRST
2018-11-05 11:28:04 ----D---- C:\WINDOWS\Minidump
2018-11-04 04:56:38 ----D---- C:\WINDOWS\Panther
2018-11-04 04:56:31 ----HD---- C:\$WINDOWS.~BT
2018-09-30 08:09:19 ----D---- C:\Program Files\Google
2018-09-26 06:18:49 ----D---- C:\Windows10Upgrade
2018-09-25 16:28:06 ----D---- C:\Program Files (x86)\Mouse Server
2018-09-25 15:21:19 ----D---- C:\WINDOWS\SoftwareDistribution
2018-09-24 06:14:11 ----A---- C:\WINDOWS\system32\drivers\bddci.sys
2018-09-23 06:27:55 ----A---- C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2018-09-07 12:26:28 ----A---- C:\WINDOWS\SYSWOW64\Luadgmgt.dll

======List of files/folders modified in the last 3 months======

2018-11-17 13:18:12 ----RD---- C:\Program Files
2018-11-17 13:18:08 ----D---- C:\WINDOWS\Prefetch
2018-11-17 13:18:06 ----D---- C:\WINDOWS\system32\drivers\etc
2018-11-17 13:17:26 ----D---- C:\WINDOWS\Temp
2018-11-17 13:13:01 ----D---- C:\WINDOWS\system32\sru
2018-11-17 13:12:14 ----D---- C:\Windows
2018-11-17 13:04:26 ----D---- C:\WINDOWS\AppReadiness
2018-11-17 12:56:48 ----D---- C:\WINDOWS\system32\SleepStudy
2018-11-17 12:51:22 ----D---- C:\WINDOWS\Logs
2018-11-17 12:50:55 ----D---- C:\WINDOWS\system32\LogFiles
2018-11-17 12:37:46 ----DC---- C:\Users\minipc\AppData\Roaming\Kodi
2018-11-17 09:14:42 ----D---- C:\WINDOWS\system32\config
2018-11-17 09:09:49 ----D---- C:\WINDOWS\System32
2018-11-17 09:09:49 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-11-16 17:42:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-16 17:35:37 ----AD---- C:\Program Files (x86)\TeamViewer
2018-11-16 17:35:34 ----D---- C:\WINDOWS\system32\DebugLog
2018-11-16 17:35:04 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-16 17:35:04 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2018-11-16 17:34:38 ----A---- C:\bdlog.txt
2018-11-16 14:46:54 ----D---- C:\WINDOWS\system32\catroot2
2018-11-16 14:46:42 ----D---- C:\WINDOWS\DeliveryOptimization
2018-11-16 13:45:10 ----D---- C:\WINDOWS\INF
2018-11-16 13:45:05 ----D---- C:\WINDOWS\system32\MsDtc
2018-11-16 13:43:36 ----D---- C:\WINDOWS\system32\NDF
2018-11-16 07:01:12 ----SHDC---- C:\WINDOWS\Installer
2018-11-16 07:01:11 ----SHD---- C:\Config.Msi
2018-11-16 07:01:08 ----AD---- C:\Program Files\rempl
2018-11-15 08:29:38 ----RD---- C:\WINDOWS\Microsoft.NET
2018-11-14 18:21:25 ----D---- C:\WINDOWS\CbsTemp
2018-11-14 18:21:22 ----D---- C:\WINDOWS\WinSxS
2018-11-14 18:21:22 ----D---- C:\WINDOWS\SysWOW64
2018-11-14 18:21:14 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2018-11-14 18:21:06 ----D---- C:\WINDOWS\system32\MRT
2018-11-14 18:16:22 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-11-14 14:19:34 ----D---- C:\WINDOWS\system32\Tasks
2018-11-14 07:53:34 ----D---- C:\WINDOWS\system32\Macromed
2018-11-14 07:53:28 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2018-11-09 08:35:10 ----D---- C:\WINDOWS\system32\drivers
2018-11-06 09:50:45 ----D---- C:\WINDOWS\LiveKernelReports
2018-10-31 19:43:15 ----D---- C:\WINDOWS\system32\DriverStore
2018-10-19 13:59:03 ----D---- C:\ProgramData\BDLogging
2018-10-10 16:48:17 ----D---- C:\WINDOWS\debug
2018-09-30 08:09:37 ----RD---- C:\Program Files (x86)
2018-09-25 18:15:31 ----HD---- C:\Program Files\WindowsApps
2018-09-25 16:36:45 ----SHD---- C:\System Volume Information
2018-09-10 17:30:39 ----AD---- C:\Program Files\CCleaner

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avc3;avc3; C:\WINDOWS\system32\DRIVERS\avc3.sys [2018-05-23 1723552]
R0 bdprivmon;bdprivmon; C:\WINDOWS\system32\DRIVERS\bdprivmon.sys [2018-10-18 45728]
R0 EUBAKUP;EUBAKUP; C:\WINDOWS\system32\drivers\eubakup.sys [2018-01-03 75328]
R0 EUBKMON;EUBKMON; C:\WINDOWS\system32\drivers\EUBKMON.sys [2018-01-03 62528]
R0 gzflt;gzflt; C:\WINDOWS\system32\DRIVERS\gzflt.sys [2018-09-24 193184]
R0 Ignis;Ignis Service; C:\WINDOWS\system32\DRIVERS\ignis.sys [2018-05-23 191592]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R1 atc;atc; C:\WINDOWS\system32\DRIVERS\atc.sys [2018-10-18 1292296]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-03-30 59808]
R1 BDVEDISK;BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [2018-05-23 96448]
R1 EUDSKACS;EUDSKACS; \??\C:\WINDOWS\system32\drivers\eudskacs.sys [2018-01-03 32832]
R1 EUFDDISK;EUFDDISK; \??\C:\WINDOWS\system32\drivers\EuFdDisk.sys [2018-01-03 206912]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-09-29 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-03-30 8192]
R2 BdDci;BdDci Service; C:\WINDOWS\system32\DRIVERS\bddci.sys [2018-11-01 156912]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-05-11 385536]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-09-29 43520]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2018-03-30 79872]
R3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2017-09-29 191488]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2017-09-29 105472]
R3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth handsfree; C:\WINDOWS\system32\DRIVERS\BthHfAud.sys [2017-09-29 46592]
R3 bthl2cap;@bthl2cap.inf,%bthl2cap_desc%;Ovladač podpory protokolu Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\bthl2cap.sys [2017-09-29 83968]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-09-29 78848]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2018-04-15 129536]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-09-29 85504]
R3 dptf_acpi;dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [2015-09-17 57304]
R3 dptf_cpu;dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [2015-09-17 52200]
R3 esif_lf;esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [2015-09-17 260072]
R3 ibtusb;@oem1.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2016-10-14 250624]
R3 igfxLP;igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [2015-11-30 7279504]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-07-29 4577024]
R3 IntcDAud;@oem19.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-11-30 474376]
R3 Netwtw04;___ Intel(R) Wireless Adapter Driver for Windows 10 - 64 Bit; C:\WINDOWS\System32\drivers\Netwtw04.sys [2017-09-29 7689728]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-09-29 189440]
R3 RSP2STOR;@oem32.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2017-05-07 337920]
R3 rt640x64;@oem15.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-05-29 886528]
S0 bdelam;bdelam; C:\WINDOWS\system32\drivers\bdelam.sys [2018-05-23 23032]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-09-29 123800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-09-29 103320]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-09-29 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-09-29 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2018-02-22 45472]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2018-06-13 1015296]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-29 39424]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-09-29 122368]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2017-10-25 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2017-10-25 47672]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-09-29 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-09-29 50584]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\WINDOWS\system32\drivers\HipShieldK.sys [2016-08-02 216704]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2018-05-09 73112]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-09-29 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-09-29 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-09-29 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-03-30 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 mfencbdc;McAfee Inc. mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [2016-08-01 519456]
S3 mfencrk;McAfee Inc. mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [2016-08-01 100136]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-09-29 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-09-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2018-06-08 937376]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-09-30 56216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BDAuxSrv;Bitdefender Auxiliary Service; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [2018-11-01 779152]
R2 BDProtSrv;Bitdefender Protected Service; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [2018-11-01 779152]
R2 bdredline;Bitdefender RedLine Service; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2018-09-24 2195320]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2017-09-26 2278688]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CDPUserSvc_f77d7f;Uživatelská služba platformy připojených zařízení_f77d7f; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 EaseUS Agent;EaseUS Agent Service; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [2017-08-30 40080]
R2 esifsvc;@oem30.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\WINDOWS\SysWOW64\esif_uf.exe [2015-09-17 1392792]
R2 ibtsiva;@oem1.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-11-30 353896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [2015-04-21 174368]
R2 OneSyncSvc_f77d7f;Hostitel synchronizace_f77d7f; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 osrss;@%systemroot%\system32\osrss.dll,-500; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 ProductAgentService;ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [2018-07-31 1284032]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-03-01 519152]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2018-11-08 322712]
R2 SmartControlService;Smart Control Service; C:\Program Files (x86)\Acer\Revo Suite\SmartControlService.exe [2016-03-18 1089440]
R3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-09-28 43648]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 PimIndexMaintenanceSvc_f77d7f;Data kontaktů_f77d7f; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 QASvc;Quick Access Service; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [2016-01-20 481696]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-14 336008]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-11-30 282728]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc_f77d7f;Tok zařízení_f77d7f; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-05-03 86016]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-26 153168]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-26 153168]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2015-09-03 887784]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService_f77d7f;Služba zasílání zpráv_f77d7f; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-11-16 216528]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc_f77d7f;PrintWorkflow_f77d7f; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 revosuitevncserver;RevoSuiteVNC Server; C:\Program Files (x86)\Acer\Revo Suite\tvnserver.exe [2016-03-18 2122240]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-09-29 1288704]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-06-08 956416]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]

-----------------EOF-----------------

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check and help

#2 Post by Conder »

Hi :)

According to the logs, there is a 32 GB C: drive and a 1 TB D: drive. Unfortunately, 32 GB as a system drive is nowadays too little even for Windows itself. Updates on Windows 10 cannot be turned off; they are essentially "mandatory" (but it should be said that updates should not be turned off, since they also fix various security bugs).

Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View log file)
  • The log will open; copy its contents here

Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data (documents, photos and so on) backed up.

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise you risk damaging the system or losing data.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

William_CZ
Visitor
Posts: 72
Registered: 11 Jul 2007 18:41

Re: Please check and help

#3 Post by William_CZ »

It would be more than enough if the updates first checked that there is enough disk space and, if there isn't, didn't behave like any old vermin that makes using the system very unpleasant.

I have the mini PC hooked up to the TV as a multimedia system with sufficient performance, apart from that disk. The computer ran perfectly for about a year and a half; unfortunately the updates seem to keep getting bigger. The only solution left is probably to get rid of Windows. Or do you have any advice on how to move file storage to the second disk, or something like that? Following a guide, I mapped the update download folder to an external disk, but it is still not enough.

Thank you for any advice.

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-11-14.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-17-2018
# Duration: 00:00:04
# OS: Windows 10 Home
# Cleaned: 33
# Failed: 2


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Classes\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKU\S-1-5-18\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKCU\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKU\.DEFAULT\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKLM\Software\Wow6432Node\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F5415905096AA504A9FB967C7A138943
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Amazon1ButtonTaskbarApp.exe
Deleted HKLM\Software\Wow6432Node\AppDataLow\Software\Amazon\AmazonAssistant
Deleted HKLM\Software\Wow6432Node\Classes\AppID\AmazonAppIE.dll
Deleted HKLM\SOFTWARE\Classes\AppID\AmazonAppIE.dll
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
Deleted HKLM\Software\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{BFF94CF8-2D3B-4B2F-BB83-3600280AFEBA}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{6B7479D5-C493-40F0-99B6-BFC901980034}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
Deleted HKLM\Software\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}
Deleted HKLM\Software\Classes\AppID\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\Amazon Assistant Service
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\services\Amazon Assistant Service
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Wow6432Node\Classes\AppID\OverlayIcon.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted HKLM\Software\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
Deleted HKLM\Software\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
Deleted HKLM\Software\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}

***** [ Chromium (and derivatives) ] *****

Deleted Amazon Assistant for Chrome

***** [ Chromium URLs ] *****

Not Deleted Softonic EN
Not Deleted Softonic EN

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4784 octets] - [17/11/2018 22:01:58]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check and help

#4 Post by Conder »

Please post both new logs from FRST.

William_CZ
Visitor
Posts: 72
Registered: 11 Jul 2007 18:41

Re: Please check and help

#5 Post by William_CZ »

ADDITION
*********************************************************
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.11.2018
Ran by minipc (18-11-2018 08:34:48)
Running from C:\Users\minipc\Desktop
Windows 10 Home Version 1709 16299.547 (X64) (2018-03-03 20:46:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1702915684-628408484-2569768411-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1702915684-628408484-2569768411-503 - Limited - Disabled)
Guest (S-1-5-21-1702915684-628408484-2569768411-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1702915684-628408484-2569768411-1005 - Limited - Enabled)
minipc (S-1-5-21-1702915684-628408484-2569768411-1001 - Administrator - Enabled) => C:\Users\minipc
WDAGUtilityAccount (S-1-5-21-1702915684-628408484-2569768411-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
FW: Bitdefender Firewall (Disabled) {362C5A58-E860-6396-9204-BEEEF20CA463}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3038 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Jumpstart (HKLM-x32\...\{4B92BFBE-917D-4FA1-97E9-DB9D91286E90}) (Version: 3.0.18135.100 - Acer)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3001 - Acer Incorporated)
Acer Revo Suite (HKLM\...\{CD0ADB6F-8605-4102-BD68-9A365A652446}) (Version: 1.00.3016 - Acer Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.148 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
Backup and Sync from Google (HKLM\...\{608EBDC6-D18A-4CF6-AD54-EE6B71D29065}) (Version: 3.43.1584.4446 - Google, Inc.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.25.59 - Bitdefender)
Bitdefender Internet Security (HKLM\...\Bitdefender) (Version: 22.0.1.1 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 5.45 - Piriform)
EaseUS Todo Backup Free 10.6 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 10.6 - CHENGDU YIWO Tech Development Co., Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
HappyFoto-Designer 5.4 (HKLM-x32\...\HappyFoto-Designer_is1) (Version: - )
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10604.207 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4320 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1094 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{4DA9DC19-4E1D-4B10-A726-A5F2A1BC7265}) (Version: 18.1.1546.2762 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{a2733506-e526-4bae-bc12-b2d37e2016ec}) (Version: 18.30.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Kodi (HKU\S-1-5-21-1702915684-628408484-2569768411-1001\...\Kodi) (Version: - XBMC-Foundation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mouse Server verze 1.7.7.5 (HKLM-x32\...\{7AFAA880-BB05-4E38-9279-C53EECE1B7BE}_is1) (Version: 1.7.7.5 - Necta Inc.)
Mozilla Firefox 63.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 63.0.3 (x64 en-US)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 63.0.3.6892 - Mozilla)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.29094 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.26558 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Wise Auto Shutdown 1.6.2 (HKLM-x32\...\Wise Auto Shutdown_is1) (Version: 1.6.2 - WiseCleaner.com, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-11-30] (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {144F857A-5A16-4C9D-A5A0-78B0D6E94B19} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-14] (Adobe Systems Incorporated)
Task: {1E3D3F0D-0E9A-4E0E-A0EC-CFF061555B5D} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2017-05-24] ()
Task: {27EF378B-EAD9-4A99-ADC1-9BBBFFC41A5A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-26] (Google Inc.)
Task: {3E78D987-B76E-4C8E-8219-FED27A1A6E34} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {3EF15D2D-D4D4-4DA6-B7DF-6515BE8DD0B7} - System32\Tasks\CCleaner Update
Task: {4945B1CC-FA44-4D81-BAA1-EA64ED62F90F} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-11-25] ()
Task: {4A7C50E0-1BD4-44F7-BAF8-EB76670D650B} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-11-25] (Acer Incorporated)
Task: {4BEB83E8-062C-4264-898D-836693D3F78A} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_148_Plugin.exe [2018-11-14] (Adobe Systems Incorporated)
Task: {532801AF-8957-4573-B3B0-619EF8A64570} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {5CEEA067-3CF8-4C37-B8F3-51C456648520} - System32\Tasks\Wise Auto Shutdown Task.job => C:\Program Files (x86)\Wise\Wise Auto Shutdown\WiseAutoShutdown.exe [2017-07-13] (WiseCleaner.COM)
Task: {6AB9609F-1205-44F4-B526-C36E9C1526FB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-07-20] (Piriform Ltd)
Task: {6DCCD660-8E6C-4D6A-9136-F861FD9388AA} - System32\Tasks\CareCenter\SecurityHealth_Reg_HKLMRun => C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29] (Microsoft Corporation)
Task: {7E95CD6C-FC42-469B-9056-512A3F8DA8EB} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2018-07-31] (Bitdefender)
Task: {8AC27D49-2316-4180-9A36-EC8027A26A4F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-26] (Google Inc.)
Task: {9CD10937-D1FB-4A6A-9627-515A01B2167B} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
Task: {A91F1C35-2A49-4B3D-840C-3B0324AE932D} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2017-09-26] (Acer Incorporated)
Task: {B20D7ABB-2B05-4EE1-919A-EB1D909153EF} - System32\Tasks\CareCenter\RTHDVCPL_Reg_HKLMRun => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-29] (Realtek Semiconductor)
Task: {C24B1F21-74E0-4204-9A36-EA78D5CDE123} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [2018-11-01] (Bitdefender)
Task: {C6F84A05-F20A-47CD-B206-1EC175F93ED8} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [2018-09-26] (Acer)
Task: {D4DE7F4D-C680-49B6-988E-2336D148EBA6} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2018-05-28] ()
Task: {F6987ABA-D4D0-4221-9E7D-6064F8A284EA} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2016-01-20] (Acer Incorporated)
Task: {F88954FE-FB7E-441D-AB5A-A57A70C345F5} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [2016-09-20] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-11-15 10:09 - 2018-11-15 10:09 - 000994752 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_02951_005\ashttpbr.mdl
2018-11-15 10:09 - 2018-11-15 10:09 - 000544880 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_02951_005\ashttpdsp.mdl
2018-11-15 10:09 - 2018-11-15 10:09 - 003240080 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_02951_005\ashttpph.mdl
2018-11-15 10:09 - 2018-11-15 10:09 - 001530368 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_02951_005\ashttprbl.mdl
2015-05-19 17:11 - 2015-05-19 17:11 - 000007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-04-11 03:37 - 2015-11-30 20:51 - 000384104 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-03-03 21:59 - 2017-08-30 12:29 - 000260752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
2018-07-31 16:21 - 2018-06-29 09:00 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-07-31 16:22 - 2018-06-29 08:57 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-02-02 10:49 - 2018-02-02 10:50 - 000061952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.4.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2018-07-31 16:21 - 2018-06-08 08:24 - 003657632 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2018-07-31 16:21 - 2018-06-08 08:26 - 002470304 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2018-10-04 19:44 - 2018-10-04 19:44 - 046459080 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2018-09-25 16:28 - 2018-01-24 08:46 - 000226816 _____ () C:\Program Files (x86)\Mouse Server\Mouse Server Luminati.exe
2018-11-14 07:56 - 2018-11-08 23:14 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libglesv2.dll
2018-11-14 07:56 - 2018-11-08 23:14 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libegl.dll
2016-08-17 20:41 - 2015-05-14 08:10 - 000030976 _____ () C:\OEM\Preload\FubTracking\FubTracking.exe
2018-11-18 08:28 - 2018-11-18 08:28 - 000113664 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\_ctypes.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000080896 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\bz2.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 001792512 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\_hashlib.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000128512 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\win32api.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000137728 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\pywintypes27.dll
2018-11-18 08:28 - 2018-11-18 08:28 - 000548864 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\pythoncom27.dll
2018-11-18 08:28 - 2018-11-18 08:28 - 000689664 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\unicodedata.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000438784 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\win32com.shell.shell.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 001489408 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\wx._core_.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 001007104 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\wx._gdi_.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 001039872 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\wx._windows_.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 001325056 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\wx._controls_.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000916992 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\wx._misc_.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 001084416 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\pysqlite2._sqlite.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000149504 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\win32file.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000136192 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\win32security.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000007680 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\hashobjs_ext.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000020992 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\thumbnails_ext.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000118784 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\usb_ext.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000047616 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\_socket.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 002224640 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\_ssl.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000014848 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\common.time34.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000023040 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\win32event.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000034304 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\windows.conditional.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000020480 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\windows.winwrap.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000110080 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\windows.volumes.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000223232 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\win32gui.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000173568 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\_elementtree.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000169472 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\pyexpat.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000048128 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\win32inet.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000103424 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\wx._html2.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000046080 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\_psutil_windows.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000633272 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\windows._cacheinvalidation.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000011776 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\win32crypt.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000301568 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\PIL._imaging.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000032256 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\_multiprocessing.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 005752320 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\cello.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000026112 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\_yappi.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000044032 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\win32process.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000027648 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\win32pipe.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000010752 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\select.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000029696 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\win32pdh.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000038400 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\windows.connectivity.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000073216 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\windows.device_monitor.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000020480 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\win32profile.pyd
2018-11-18 08:28 - 2018-11-18 08:28 - 000026624 ____C () C:\Users\minipc\AppData\Local\Temp\_MEI106602\win32ts.pyd
2018-03-03 21:59 - 2017-02-21 17:19 - 000083136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000019648 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000090816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2018-03-03 21:59 - 2016-03-07 18:08 - 001291264 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2018-03-03 21:59 - 2004-10-05 03:08 - 000055808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000024768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmcTbProxy.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000188608 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCPipeCenter.dll
2018-03-03 21:59 - 2017-08-30 12:25 - 000183440 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000163520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt_RTTO.dll
2018-03-03 21:59 - 2017-08-30 12:27 - 000055952 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBInfo.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000018112 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll
2018-03-03 21:58 - 2017-08-30 12:25 - 000061072 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2018-03-03 21:59 - 2017-09-04 17:39 - 000699024 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuActiveOnline.dll
2018-03-03 21:59 - 2017-08-30 12:26 - 000487568 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EULicenseDLL.DLL
2018-03-03 21:59 - 2017-08-30 12:26 - 000021648 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\fsclog.dll
2018-03-03 21:59 - 2017-08-30 12:26 - 000085648 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll
2018-03-03 21:59 - 2017-08-30 12:26 - 000032912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2018-03-03 21:59 - 2017-08-30 12:26 - 000070800 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll
2018-03-03 21:59 - 2017-08-30 12:26 - 000160400 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll
2018-03-03 21:59 - 2017-08-30 12:26 - 000296592 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000078528 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll
2018-03-03 21:59 - 2017-08-30 12:26 - 000305808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSUtil.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000210112 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000026304 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CallbackOperator.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000074432 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000142016 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll
2018-03-03 21:59 - 2017-09-11 14:28 - 000085136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll
2018-03-03 21:59 - 2017-08-30 12:26 - 000844944 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000195776 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000414400 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2018-03-03 21:59 - 2017-08-30 12:26 - 000162448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000029376 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000114368 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileStorage.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000026816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000022720 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll
2018-03-03 21:59 - 2017-08-30 12:26 - 000034448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000054464 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000066240 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll
2018-03-03 21:58 - 2017-08-30 12:25 - 000026768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2018-03-03 21:59 - 2017-08-30 12:26 - 000072848 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000221376 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000079040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2018-03-03 21:58 - 2017-08-30 12:25 - 000021648 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000138432 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000021696 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2018-03-03 21:59 - 2017-08-30 12:27 - 000074896 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SqlExBrowser.dll
2018-03-03 21:59 - 2017-08-30 12:27 - 000585872 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SqlSMOCPlusPlus.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000045248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll
2018-03-03 21:59 - 2017-08-30 12:25 - 000367760 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceManager.dll
2018-03-03 21:59 - 2017-08-30 12:25 - 000141456 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000149184 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000052416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000064192 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll
2018-03-03 21:59 - 2016-12-06 02:43 - 000091840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Common.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000058560 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll
2018-03-03 21:59 - 2016-12-06 02:44 - 000210112 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll
2018-09-25 16:28 - 2018-11-18 08:28 - 001400928 _____ () C:\Program Files (x86)\Mouse Server\lum_sdk32_clr.dll
2018-03-03 21:34 - 2018-03-03 21:34 - 000015136 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2017-09-26 12:35 - 2017-09-26 12:35 - 000013088 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2017-09-26 12:34 - 2017-09-26 12:34 - 000277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2018-11-18 08:32 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1702915684-628408484-2569768411-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg
DNS Servers: 81.19.33.2 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: wuauserv => 3
HKU\S-1-5-21-1702915684-628408484-2569768411-1001\...\StartupApproved\Run: => "AcerPortal"
HKU\S-1-5-21-1702915684-628408484-2569768411-1001\...\StartupApproved\Run: => "OneDriveSetup"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{12D57DCD-C874-402C-B37D-592D6CD0AEB6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{F61216F0-8B69-4004-BC0E-7A26D7B6934A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{FBCE4A41-0783-4831-A03D-30C242408293}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{15709136-3E32-4142-B7A7-A056DBC475AA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{09F68003-B2E3-4352-8029-90108C4751D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9DECB815-A065-465B-87C6-948EA9743031}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{A33CC59E-5597-4598-BCA1-F3099DE6802D}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{793FC74E-A432-4CC9-A824-1D19A6A7578D}] => (Allow) C:\Program Files (x86)\Acer\Revo Suite\tvnserver.exe
FirewallRules: [TCP Query User{D7BE8FA1-A409-4BA8-8AD6-D87A4CFB0B71}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{920C2341-858B-4945-A4B4-E81E05396E67}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{16843FE9-A191-46D6-9630-804F18E8436F}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{2356B643-8EC2-474A-B2B0-1D8FC694B4EE}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{84A97062-76CD-452A-91BD-81D304684B79}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{49B2C9B4-A06C-4035-9FD1-90249EF11B07}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{5329D6B7-BB93-4105-AA55-74CC2D527928}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{77911D02-41CA-4B86-805F-AAA23D114B58}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{542BB1A2-27E3-48D9-AF50-7DC3C656B7E5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{FD462630-C713-4212-9FB9-96A914750882}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{3D98DAB1-93E0-4576-B91D-E60AB484CEBF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F1DB7840-A935-43A3-9DF6-FED9655F7FF5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F651906B-53B8-44F3-9D4B-236AF85645A5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{12C773E6-E130-42C0-B0E4-BE45A5BDD92B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{C43AAA33-B7F1-458A-A999-D143737AC9CA}C:\program files (x86)\mouse server\mouseserver.exe] => (Block) C:\program files (x86)\mouse server\mouseserver.exe
FirewallRules: [UDP Query User{57D3F572-2F26-4B3C-9351-54D454AD5F52}C:\program files (x86)\mouse server\mouseserver.exe] => (Block) C:\program files (x86)\mouse server\mouseserver.exe
FirewallRules: [{98A85E7D-4759-4D25-9F12-78A870122C73}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/18/2018 08:27:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: igfxHK.exe, verze: 6.15.10.4320, časové razítko: 0x563cf118
Název chybujícího modulu: igfxHK.exe, verze: 6.15.10.4320, časové razítko: 0x563cf118
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000015953
ID chybujícího procesu: 0x18dc
Čas spuštění chybující aplikace: 0x01d47f1031595c43
Cesta k chybující aplikaci: C:\WINDOWS\system32\igfxHK.exe
Cesta k chybujícímu modulu: C:\WINDOWS\system32\igfxHK.exe
ID zprávy: 0d2db47e-c84e-4ca1-aa68-fe5580749b88
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/17/2018 10:03:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: igfxHK.exe, verze: 6.15.10.4320, časové razítko: 0x563cf118
Název chybujícího modulu: igfxHK.exe, verze: 6.15.10.4320, časové razítko: 0x563cf118
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000015953
ID chybujícího procesu: 0x11b8
Čas spuštění chybující aplikace: 0x01d47eb8fdae7f45
Cesta k chybující aplikaci: C:\WINDOWS\system32\igfxHK.exe
Cesta k chybujícímu modulu: C:\WINDOWS\system32\igfxHK.exe
ID zprávy: 51ec8cfe-8aab-4667-a7d1-b5eb491245de
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/17/2018 09:57:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: igfxHK.exe, verze: 6.15.10.4320, časové razítko: 0x563cf118
Název chybujícího modulu: igfxHK.exe, verze: 6.15.10.4320, časové razítko: 0x563cf118
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000015953
ID chybujícího procesu: 0xc18
Čas spuštění chybující aplikace: 0x01d47eb82dbf227b
Cesta k chybující aplikaci: C:\WINDOWS\system32\igfxHK.exe
Cesta k chybujícímu modulu: C:\WINDOWS\system32\igfxHK.exe
ID zprávy: 2f778b63-3e2a-48b0-8386-c0d95a6699e7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/17/2018 01:04:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x00000004
Posun chyby: 0x00007fff82a150d8
ID chybujícího procesu: 0x28d0
Čas spuštění chybující aplikace: 0x01d47e6dac8e2f13
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: 906e22f3-44a3-4995-8829-98b25e7ab88d
Úplný název chybujícího balíčku: Microsoft.Windows.Apprep.ChxApp_1000.16299.15.0_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App

Error: (11/17/2018 12:37:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: kodi.exe, verze: 17.3.0.0, časové razítko: 0x5925f940
Název chybujícího modulu: kodi.exe, verze: 17.3.0.0, časové razítko: 0x5925f940
Kód výjimky: 0xc0000005
Posun chyby: 0x001b7a70
ID chybujícího procesu: 0x15a4
Čas spuštění chybující aplikace: 0x01d47e4d890c8ff1
Cesta k chybující aplikaci: C:\Program Files (x86)\Kodi\kodi.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Kodi\kodi.exe
ID zprávy: 110c302f-0bca-4c56-adb0-ebdfc9eec5c8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/17/2018 09:09:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: igfxHK.exe, verze: 6.15.10.4320, časové razítko: 0x563cf118
Název chybujícího modulu: igfxHK.exe, verze: 6.15.10.4320, časové razítko: 0x563cf118
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000015953
ID chybujícího procesu: 0x25d8
Čas spuštění chybující aplikace: 0x01d47e4ce9f453d3
Cesta k chybující aplikaci: C:\WINDOWS\system32\igfxHK.exe
Cesta k chybujícímu modulu: C:\WINDOWS\system32\igfxHK.exe
ID zprávy: e17ad7ea-8aa3-4e1a-b090-256a98419edd
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/16/2018 05:39:34 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (11/16/2018 05:35:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: igfxHK.exe, verze: 6.15.10.4320, časové razítko: 0x563cf118
Název chybujícího modulu: igfxHK.exe, verze: 6.15.10.4320, časové razítko: 0x563cf118
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000015953
ID chybujícího procesu: 0x11a8
Čas spuštění chybující aplikace: 0x01d47dca64cacacc
Cesta k chybující aplikaci: C:\WINDOWS\system32\igfxHK.exe
Cesta k chybujícímu modulu: C:\WINDOWS\system32\igfxHK.exe
ID zprávy: 4cce777b-2375-4f25-9d18-bf2196b49dd1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (11/18/2018 08:33:42 AM) (Source: DCOM) (EventID: 10016) (User: MINIPC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli MINIPC\minipc (SID: S-1-5-21-1702915684-628408484-2569768411-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/18/2018 08:28:35 AM) (Source: DCOM) (EventID: 10016) (User: MINIPC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli MINIPC\minipc (SID: S-1-5-21-1702915684-628408484-2569768411-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/18/2018 08:27:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/18/2018 08:27:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/17/2018 10:04:32 PM) (Source: DCOM) (EventID: 10016) (User: MINIPC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli MINIPC\minipc (SID: S-1-5-21-1702915684-628408484-2569768411-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/17/2018 10:04:06 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (11/17/2018 10:03:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/17/2018 10:03:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2018-03-03 21:45:47.201
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2018-03-03 21:45:46.563
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte zařízení.

CodeIntegrity:
===================================

Date: 2018-11-17 22:04:00.923
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-11-16 17:36:03.766
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-11-16 14:48:32.940
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-11-13 17:42:52.109
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-11-13 15:05:06.845
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-11-13 13:42:20.789
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-11-12 19:01:45.993
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-11-05 11:29:09.694
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU J3060 @ 1.60GHz
Percentage of memory in use: 70%
Total physical RAM: 4008.27 MB
Available physical RAM: 1169.83 MB
Total Virtual: 5864.27 MB
Available Virtual: 2186.29 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:27.69 GB) (Free:2.35 GB) NTFS
Drive d: (Elements) (Fixed) (Total:931.48 GB) (Free:685.69 GB) NTFS

\\?\Volume{5a2cda7b-7fdc-453b-b742-9474a01960e2}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32
\\?\Volume{d326e7b4-e275-4f66-a221-c789383e95ae}\ () (Fixed) (Total:0.83 GB) (Free:0.45 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 29.1 GB) (Disk ID: 9AC8192F)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 16F2A91F)

Partition: GPT.

==================== End of Addition.txt ============================





FRST
*********************************************************
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.11.2018
Ran by minipc (administrator) on MINIPC (18-11-2018 08:29:59)
Running from C:\Users\minipc\Desktop
Loaded Profiles: minipc (Available Profiles: minipc)
Platform: Windows 10 Home Version 1709 16299.547 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Revo Suite\SmartControlService.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
Failed to access process -> igfxHK.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Revo Suite\RevoSuiteTray.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(WiseCleaner.COM) C:\Program Files (x86)\Wise\Wise Auto Shutdown\WiseAutoShutdown.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
() C:\Windows\System32\igfxTray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
() C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(wifimouse.necta.us) C:\Program Files (x86)\Mouse Server\MouseServer.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Mouse Server\Mouse Server Luminati.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxcr.exe
() C:\OEM\Preload\FubTracking\FubTracking.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Luminati Networks Ltd.) C:\Program Files (x86)\Mouse Server\Luminati\net_svc.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16165632 2015-07-29] (Realtek Semiconductor)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1702915684-628408484-2569768411-1001\...\Run: [MouseServer] => C:\Program Files (x86)\Mouse Server\MouseServer.exe [520704 2018-01-24] (wifimouse.necta.us)
HKU\S-1-5-21-1702915684-628408484-2569768411-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18534016 2018-07-20] (Piriform Ltd)
HKU\S-1-5-21-1702915684-628408484-2569768411-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46459080 2018-10-04] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 81.19.33.2 8.8.8.8 192.168.0.254
Tcpip\..\Interfaces\{9ed2e04c-6c5e-405c-a48c-05395046273d}: [DhcpNameServer] 81.19.33.2 8.8.8.8 192.168.0.254
Tcpip\..\Interfaces\{f289421b-9179-4ab4-8c94-6ade08d0c204}: [DhcpNameServer] 81.19.33.2 8.8.8.8 192.168.0.254

Internet Explorer:
==================
HKU\S-1-5-21-1702915684-628408484-2569768411-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-1702915684-628408484-2569768411-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-1702915684-628408484-2569768411-1001 -> DefaultScope {3469702A-231C-458B-B233-38E301FEB16A} URL =
SearchScopes: HKU\S-1-5-21-1702915684-628408484-2569768411-1001 -> {3469702A-231C-458B-B233-38E301FEB16A} URL =
BHO: Bitdefender - Portmonka -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-09-24] (Bitdefender)
BHO-x32: Bitdefender - Portmonka -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-09-24] (Bitdefender)
Toolbar: HKLM - Bitdefender - Portmonka - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-09-24] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender - Portmonka - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-09-24] (Bitdefender)

FireFox:
========
FF DefaultProfile: 85l001sa.default
FF ProfilePath: C:\Users\minipc\AppData\Roaming\Mozilla\Firefox\Profiles\85l001sa.default [2018-11-17]
FF Homepage: Mozilla\Firefox\Profiles\85l001sa.default -> www.seznam.cz/
FF Extension: (Czech (CZ) Language Pack) - C:\Users\minipc\AppData\Roaming\Mozilla\Firefox\Profiles\85l001sa.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2018-10-28]
FF Extension: (Vývojové sestavení Adblock Plus) - C:\Users\minipc\AppData\Roaming\Mozilla\Firefox\Profiles\85l001sa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-11-15]
FF Extension: (Firefox Monitor) - C:\Users\minipc\AppData\Roaming\Mozilla\Firefox\Profiles\85l001sa.default\features\{8e21837e-ae65-4692-93e6-876e3e46c2f4}\fxmonitor@mozilla.org.xpi [2018-11-15]
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com [2017-07-27] [Legacy]
FF Extension: (Czech (CZ) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-cs@firefox.mozilla.org [2017-07-27] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2017-07-27] [Legacy]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2018-09-24]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2018-02-27] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_148.dll [2018-11-14] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_148.dll [2018-11-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default [2018-11-18]
CHR Extension: (Disk Google) - C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-17]
CHR Extension: (Výdaje na dům mimo firmu - Tabulky Go...) - C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcdgieepoenbckmnicdpgcjldnnnjlnl [2017-07-30]
CHR Extension: (Right Click Google Translator) - C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmkdgglkocfpfmlpfmldpmebkceelhif [2017-12-18]
CHR Extension: (Tampermonkey) - C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-11-17]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2018-08-02]
CHR Extension: (Bitdefender Wallet) - C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2018-03-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-22]
CHR Extension: (AdBlock) - C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-11-17]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-07-30]
CHR Extension: (Chrono správce stahování) - C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2018-09-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-22]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2018-11-17]
CHR Extension: (Chrome Media Router) - C:\Users\minipc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-17]
CHR HKU\S-1-5-21-1702915684-628408484-2569768411-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\minipc\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2018-09-30]
CHR HKU\S-1-5-21-1702915684-628408484-2569768411-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [779152 2018-11-01] (Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [779152 2018-11-01] (Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195320 2018-09-24] (Bitdefender)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2278688 2017-09-26] (Acer Incorporated)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [40080 2017-08-30] (CHENGDU YIWO Tech Development Co., Ltd)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1392792 2015-09-17] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190216 2016-10-14] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [353896 2015-11-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [887784 2015-09-03] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1284032 2018-07-31] (Bitdefender)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [481696 2016-01-20] (Acer Incorporated)
S3 revosuitevncserver; C:\Program Files (x86)\Acer\Revo Suite\tvnserver.exe [2122240 2016-03-18] (GlavSoft LLC.) [File not signed]
R2 SmartControlService; C:\Program Files (x86)\Acer\Revo Suite\SmartControlService.exe [1089440 2016-03-18] (Acer Incorporated)
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [112144 2018-11-01] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe [804144 2018-11-01] (Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\NisSrv.exe [356152 2018-03-03] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MsMpEng.exe [106280 2018-03-03] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1292296 2018-10-18] (BitDefender S.R.L. Bucharest, ROMANIA)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1723552 2018-05-23] (BitDefender)
R2 BdDci; C:\WINDOWS\System32\DRIVERS\bddci.sys [156912 2018-11-01] (Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23032 2018-05-23] (Bitdefender)
R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [45728 2018-10-18] (© Bitdefender SRL)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96448 2018-05-23] (BitDefender)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [57304 2015-09-17] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52200 2015-09-17] (Intel Corporation)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-10-25] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-10-25] (Disc Soft Ltd)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260072 2015-09-17] (Intel Corporation)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [62528 2018-01-03] ()
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [193184 2018-09-24] (BitDefender LLC)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [250624 2016-10-14] (Intel Corporation)
R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [7279504 2015-11-30] (Intel Corporation)
R0 Ignis; C:\WINDOWS\System32\DRIVERS\ignis.sys [191592 2018-05-23] (Bitdefender)
S3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2017-09-29] (Intel Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [337920 2017-05-07] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [609576 2018-08-02] (Bitdefender)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146200 2015-10-15] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-03-03] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [288296 2018-03-03] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129568 2018-03-03] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-18 08:29 - 2018-11-18 08:31 - 000019623 ____C C:\Users\minipc\Desktop\FRST.txt
2018-11-17 22:01 - 2018-11-17 22:02 - 000000000 ____D C:\AdwCleaner
2018-11-17 22:00 - 2018-11-17 22:00 - 007592144 ____C (Malwarebytes) C:\Users\minipc\Desktop\adwcleaner_7.2.4.0.exe
2018-11-17 13:18 - 2018-11-17 13:18 - 000000000 ____D C:\rsit
2018-11-17 13:18 - 2018-11-17 13:18 - 000000000 ____D C:\Program Files\trend micro
2018-11-17 13:16 - 2018-11-17 13:16 - 000000000 ___DC C:\Users\minipc\Desktop\logy
2018-11-17 13:05 - 2018-11-18 08:29 - 000000000 ____D C:\FRST
2018-11-17 13:03 - 2018-11-17 13:03 - 002416128 ____C (Farbar) C:\Users\minipc\Desktop\FRST64.exe
2018-11-17 13:01 - 2018-11-17 13:01 - 001222144 ____C C:\Users\minipc\Desktop\RSITx64.exe
2018-11-05 11:28 - 2018-11-06 09:34 - 000000000 ____D C:\WINDOWS\Minidump
2018-11-04 04:56 - 2018-11-17 22:12 - 000000000 ____D C:\WINDOWS\Panther
2018-11-04 04:56 - 2018-11-04 04:56 - 000000000 ___HD C:\$WINDOWS.~BT
2018-11-03 14:33 - 2018-11-03 14:33 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2018-11-03 14:33 - 2018-11-03 14:33 - 000000000 ____D C:\Users\Default User\AppData\Local\Google

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-18 08:28 - 2018-09-25 16:28 - 000000000 ____D C:\Program Files (x86)\Mouse Server
2018-11-18 08:27 - 2017-07-30 20:22 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-11-18 08:27 - 2017-07-26 04:16 - 000000000 _SHDC C:\Users\minipc\IntelGraphicsProfiles
2018-11-17 22:18 - 2017-07-29 09:59 - 000000000 ___DC C:\Users\minipc\AppData\LocalLow\Mozilla
2018-11-17 22:14 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-11-17 22:10 - 2018-03-03 21:45 - 004389512 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-17 22:10 - 2017-09-30 15:31 - 002031432 _____ C:\WINDOWS\system32\perfh005.dat
2018-11-17 22:10 - 2017-09-30 15:31 - 000545562 _____ C:\WINDOWS\system32\perfc005.dat
2018-11-17 22:03 - 2018-03-03 21:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-11-17 22:03 - 2018-02-02 18:57 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-11-17 22:03 - 2016-08-17 20:32 - 000000000 ____D C:\WINDOWS\system32\DebugLog
2018-11-17 22:02 - 2018-03-03 14:07 - 000029896 _____ C:\bdlog.txt
2018-11-17 22:02 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-11-17 15:25 - 2017-07-26 19:49 - 000000000 ___DC C:\Users\minipc\AppData\Roaming\Kodi
2018-11-17 15:16 - 2018-03-03 21:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-11-17 13:09 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-11-17 13:04 - 2018-03-03 21:33 - 000000000 ___DC C:\Users\minipc\AppData\Local\Packages
2018-11-16 17:35 - 2017-07-27 11:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-11-16 17:35 - 2016-04-11 02:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-16 14:49 - 2016-04-11 02:56 - 000001236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-11-16 14:46 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-11-16 13:45 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2018-11-16 13:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-11-16 07:01 - 2017-07-27 10:16 - 000000000 ____D C:\Program Files\rempl
2018-11-14 18:21 - 2018-05-10 07:20 - 000835168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-11-14 18:21 - 2018-05-10 07:20 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-14 18:21 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-11-14 18:21 - 2017-07-27 10:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-11-14 18:16 - 2017-07-27 10:02 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-11-14 07:56 - 2017-07-26 12:45 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-14 07:56 - 2017-07-26 12:45 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-11-14 07:53 - 2018-03-13 19:30 - 000004638 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-11-14 07:53 - 2018-03-03 21:45 - 000004506 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-11-14 07:53 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-11-14 07:53 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-11-14 07:53 - 2017-09-29 09:45 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2018-11-13 17:50 - 2018-03-03 21:32 - 000000000 ___DC C:\Users\minipc
2018-11-06 09:50 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-11-03 14:36 - 2018-09-30 08:09 - 000002077 _____ C:\Users\Public\Desktop\Google Slides.lnk
2018-11-03 14:36 - 2018-09-30 08:09 - 000002075 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2018-11-03 14:36 - 2018-09-30 08:09 - 000002065 _____ C:\Users\Public\Desktop\Google Docs.lnk
2018-11-03 14:36 - 2018-09-30 08:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-11-01 14:36 - 2018-09-24 06:14 - 000156912 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2018-10-19 13:59 - 2018-03-03 14:02 - 000000000 ____D C:\ProgramData\BDLogging

==================== Files in the root of some directories =======

2017-07-28 19:31 - 2017-07-28 19:31 - 000007597 ____C () C:\Users\minipc\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-03 21:29

==================== End of FRST.txt ============================

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check and help

#6 Post by Conder »

Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File:  C:\Program Files (x86)\Acer\Revo Suite\tvnserver.exe
    
    HKU\S-1-5-21-1702915684-628408484-2569768411-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer15.msn.com/?pc=ACTE
    HKU\S-1-5-21-1702915684-628408484-2569768411-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
    SearchScopes: HKU\S-1-5-21-1702915684-628408484-2569768411-1001 -> DefaultScope {3469702A-231C-458B-B233-38E301FEB16A} URL = 
    SearchScopes: HKU\S-1-5-21-17   02915684-628408484-2569768411-1001 -> {3469702A-231C-458B-B233-38E301FEB16A} URL = 
    FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
    S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
    C:\WINDOWS\System32\drivers\HipShieldK.sys
    S3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.)
    C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
    S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.)
    C:\WINDOWS\system32\DRIVERS\mfencrk.sys
    2018-11-17 13:18 - 2018-11-17 13:18 - 000000000 ____D C:\rsit
    2018-11-17 13:18 - 2018-11-17 13:18 - 000000000 ____D C:\Program Files\trend micro
    ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
    Task: {3E78D987-B76E-4C8E-8219-FED27A1A6E34} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, there will be a Fixlog.txt file on the desktop; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices; otherwise there is a risk of damaging the system or losing data.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

William_CZ
Visitor
Posts: 72
Registered: 11 Jul 2007 18:41

Re: Please check and help

#7 Post by William_CZ »

Everything is done, and I am pasting the new log here as instructed.

Fix result of Farbar Recovery Scan Tool (x64) Version: 15.11.2018
Ran by minipc (18-11-2018 18:32:13) Run:1
Running from C:\Users\minipc\Desktop
Loaded Profiles: minipc (Available Profiles: minipc)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\Acer\Revo Suite\tvnserver.exe

HKU\S-1-5-21-1702915684-628408484-2569768411-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-1702915684-628408484-2569768411-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-1702915684-628408484-2569768411-1001 -> DefaultScope {3469702A-231C-458B-B233-38E301FEB16A} URL =
SearchScopes: HKU\S-1-5-21-17 02915684-628408484-2569768411-1001 -> {3469702A-231C-458B-B233-38E301FEB16A} URL =
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
C:\WINDOWS\System32\drivers\HipShieldK.sys
S3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.)
C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.)
C:\WINDOWS\system32\DRIVERS\mfencrk.sys
2018-11-17 13:18 - 2018-11-17 13:18 - 000000000 ____D C:\rsit
2018-11-17 13:18 - 2018-11-17 13:18 - 000000000 ____D C:\Program Files\trend micro
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {3E78D987-B76E-4C8E-8219-FED27A1A6E34} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Error: (0) Failed to create a restore point.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 29
Average :
Sum : 13299901
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: C:\Program Files (x86)\Acer\Revo Suite\tvnserver.exe ========================

C:\Program Files (x86)\Acer\Revo Suite\tvnserver.exe
File not signed
MD5: 425637ED4E7651B1774F9B7F59244D4E
Creation and modification date: 2016-03-18 02:09 - 2016-03-18 02:09
Size: 002122240
Attributes: ----A
Company Name: GlavSoft LLC.
Internal Name: tvnserver
Original Name: tvnserver.exe
Product: TightVNC
Description: TightVNC Server
File Version: 2.7.10.5
Product Version: 2.7.10.5
Copyright: Copyright (C) 2008-2013 GlavSoft LLC.
VirusTotal: https://www.virustotal.com/file/c270334 ... 508322989/

====== End of File: ======

HKU\S-1-5-21-1702915684-628408484-2569768411-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-1702915684-628408484-2569768411-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKU\S-1-5-21-1702915684-628408484-2569768411-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-17 02915684-628408484-2569768411-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3469702A-231C-458B-B233-38E301FEB16A}" => not found
HKLM\Software\Classes\CLSID\{3469702A-231C-458B-B233-38E301FEB16A} => not found
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com" => removed successfully
HKLM\System\CurrentControlSet\Services\HipShieldK => removed successfully
HipShieldK => service removed successfully
C:\WINDOWS\System32\drivers\HipShieldK.sys => moved successfully
HKLM\System\CurrentControlSet\Services\mfencbdc => removed successfully
mfencbdc => service removed successfully
C:\WINDOWS\system32\DRIVERS\mfencbdc.sys => moved successfully
HKLM\System\CurrentControlSet\Services\mfencrk => removed successfully
mfencrk => service removed successfully
C:\WINDOWS\system32\DRIVERS\mfencrk.sys => moved successfully
C:\rsit => moved successfully
C:\Program Files\trend micro => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3E78D987-B76E-4C8E-8219-FED27A1A6E34}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E78D987-B76E-4C8E-8219-FED27A1A6E34}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9986048 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 31953660 B
Java, Flash, Steam htmlcache => 1228 B
Windows/system/drivers => 513408 B
Edge => 12079 B
Chrome => 55546382 B
Firefox => 250416952 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
minipc => 79525624 B

RecycleBin => 0 B
EmptyTemp: => 408.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:37:57 ====

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check and help

#8 Post by Conder »

The logs look OK as far as malware is concerned.

As for saving space, run Disk Cleanup as administrator (Start -> type "cleanmgr" -> right-click -> Run as administrator) -> drive C: -> tick all items for cleanup.

If you have not done so already, try enabling the Compact OS feature, which should compress some system files and so save more disk space. A guide is available e.g. here: https://touchit.sk/ako-usetrit-miesto-v ... ctos/74944

William_CZ

Re: Please check and help

#9 Post by William_CZ »

Thank you all for the help. As for the advice about disk space, I do that cleanup regularly and my system is "in Compact state". So we'll see, maybe I'll find some more advice on how to save something.

Conder

Re: Please check and help

#10 Post by Conder »

You're welcome.

So let's also clean up after the tools that were used:

Also, if you know English, there are a few tips here: https://www.tenforums.com/tutorials/834 ... -10-a.html
But most of those that can save a noticeable amount of space are already set. Disabling hibernation would also be worth considering, if it is not already disabled and you do not need it.