využití fyzické paměti

[lynz]

Prosím o kontrolu logu.

Minulý čtvrtek se počítač zasekl při sledování videa na youtube. Musela jsem vypnout natvrdo přes tlačítko, zapl se normálně a vše fungovalo. Vypínala jsem až pak v neděli ale včera se po cca 10 minutách po startu opět zasekl a teď to dělá stále. Využití fyzické paměti vždy vyletí po 10 minutách na 99 % (podle správce úloh) a dolů vůbec neklesá.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lucinka at 2019-01-22 18:30:18
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 24 GB (13%) free of 182 GB
Total RAM: 3957 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:30:27, on 22.1.2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18838)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe
C:\PROGRAM FILES\CCLEANER\CCLEANER.EXE
C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
C:\Program Files\trend micro\Lucinka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: W2PBrowser Browser Helper - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Philips Device Listener] "C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe"
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\PROGRAM FILES\CCLEANER\CCleaner64.exe" /MONITOR
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivX Web Player Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service - Unknown owner - C:\Windows\System32\SUPDSvc.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11469 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\servicing\TrustedInstaller.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\WLANExt.exe 31498752
\??\C:\Windows\system32\conhost.exe "170839752-18478749371551094102-14354672-16247791091122703649-2145946203-1043594017
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
taskeng.exe {21B9027C-4AA7-4714-BD80-3EDEA25E1EBA}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\Explorer.EXE
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
taskeng.exe {06A1DA7F-CFF9-4999-9A11-3898BE6D2CAA}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
taskeng.exe {80556EB1-9B67-414D-8B43-FE3D783249E0}
"C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe" /s
"C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel_64.exe" /h
"C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe" hide
"C:\Program Files\AVAST Software\Avast\aswidsagent.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
WLIDSvcM.exe 2084
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
AvastUI.exe /nogui
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\PROGRAM FILES\CCLEANER\CCLEANER.EXE" /MONITOR /uac
"C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe"
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=71.0.3578.98 --initial-client-data=0x8c,0x90,0x94,0x88,0x98,0x7feed0864d0,0x7feed0864e0,0x7feed0864f0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5016 --on-initialized-event-handle=352 --parent-handle=372 /prefetch:6
"C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=14938760558236506174 --mojo-platform-channel-handle=1192 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=2270439447236799944 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2270439447236799944 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2592 /prefetch:1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=2183349322940386448 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2183349322940386448 --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4668 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=6047960801587273926 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6047960801587273926 --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=8463253554265422948 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8463253554265422948 --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=5778121815293348846 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5778121815293348846 --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=13509366954105571266 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13509366954105571266 --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1
"C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=9449287947891349881 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9449287947891349881 --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2660 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=6434152788250526998 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6434152788250526998 --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4188 /prefetch:1
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=15720316318359801713 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15720316318359801713 --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6604 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=6595588667880474512 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6595588667880474512 --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4888 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=16974721611333281257 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16974721611333281257 --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2396 /prefetch:1
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=14729139546743002985 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=14729139546743002985 --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7272 /prefetch:1
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=9481565032684205118 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9481565032684205118 --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1924 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=13576491360582801258 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13576491360582801258 --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6952 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi-broker --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --lang=cs --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --service-request-channel-token=10334859496439415846 --mojo-platform-channel-handle=6708 /prefetch:4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=16231930854079712282 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16231930854079712282 --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7452 /prefetch:1
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=3008124664208514284 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3008124664208514284 --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=788 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=6255845701645530474 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6255845701645530474 --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2600 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=8344413870700159487 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8344413870700159487 --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3704 /prefetch:1

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=5935843635141632539 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5935843635141632539 --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8020 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=1936665470301398032 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1936665470301398032 --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8932 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=2933670763056591836 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2933670763056591836 --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8792 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=828020429062419798 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=828020429062419798 --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8744 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=15439429280286522771 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15439429280286522771 --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9340 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=3232105814344805947 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3232105814344805947 --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8000 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=17304436694135977723 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17304436694135977723 --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9368 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=15789978065180901223 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15789978065180901223 --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9776 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,14425188782653341751,4400132316549417718,131072 --service-pipe-token=10870746491206400124 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10870746491206400124 --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10548 /prefetch:1
"C:\Users\Lucinka\Downloads\RSITx64.exe"
"C:\Program Files\CCleaner\CCUpdate.exe"
"C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.113 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.121.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.121.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.113 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\
deviantart.xml
google-images.xml
imdb.xml
isohunt--bt-search.xml
lyrics-search.xml
mapycz.xml
mininova.xml
sfd.xml
slovnk-czen.xml
slovnk-encz.xml
thesaurus---referencecom.xml
urban-dictionary.xml
vyhledvn-vide-ve-slub-youtube.xml
wikipedia-en---search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-05-02 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2011-05-13 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA609D72-8482-4076-8991-8CDAE5B93BCB}]
W2PBrowser Class - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll [2010-09-17 1236992]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-05-02 186944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-12-01 11660904]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-21 2149160]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-01-05 261512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"CCleaner Smart Cleaning"=C:\PROGRAM FILES\CCLEANER\CCleaner64.exe [2018-11-06 19476424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Philips Device Listener"=C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [2012-06-09 380416]
"DivXMediaServer"=C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2017-03-17 1046488]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-01-05 261512]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.txt - open - C:\Windows\NOTEPAD.EXE %1

======List of files/folders created in the last 1 month======

2019-01-21 22:43:15 ----SHD---- C:\Config.Msi
2019-01-21 22:32:32 ----A---- C:\Windows\system32\drivers\aswbidsdriver.sys
2019-01-21 22:31:24 ----A---- C:\Windows\system32\aswBoot.exe
2019-01-05 11:02:39 ----A---- C:\Windows\system32\drivers\aswArDisk.sys
2019-01-05 11:02:38 ----A---- C:\Windows\system32\drivers\aswbuniv.sys
2019-01-05 11:02:37 ----A---- C:\Windows\system32\drivers\aswblog.sys
2019-01-05 11:02:37 ----A---- C:\Windows\system32\drivers\aswbidsh.sys

======List of files/folders modified in the last 1 month======

2019-01-22 18:30:25 ----D---- C:\Windows\system32\drivers\etc
2019-01-22 18:30:24 ----D---- C:\Program Files\trend micro
2019-01-22 18:26:55 ----A---- C:\Windows\SYSWOW64\log.txt
2019-01-22 18:24:25 ----D---- C:\Windows\temp
2019-01-22 18:22:39 ----D---- C:\Program Files (x86)\TeamViewer
2019-01-22 18:21:57 ----D---- C:\Windows
2019-01-22 18:09:27 ----D---- C:\Users\Lucinka\AppData\Roaming\uTorrent
2019-01-22 18:09:03 ----D---- C:\Windows\inf
2019-01-22 18:01:27 ----SHD---- C:\Windows\Installer
2019-01-22 17:56:57 ----D---- C:\Windows\system32\config
2019-01-22 17:54:34 ----D---- C:\Windows\system32\drivers
2019-01-21 23:08:37 ----D---- C:\Program Files (x86)\Adobe
2019-01-21 23:08:34 ----D---- C:\Windows\SysWOW64
2019-01-21 23:05:32 ----D---- C:\Windows\Prefetch
2019-01-21 22:43:28 ----D---- C:\ProgramData\Adobe
2019-01-21 22:36:16 ----D---- C:\Windows\system32\Tasks
2019-01-21 22:31:24 ----D---- C:\Windows\System32
2019-01-21 22:26:18 ----D---- C:\Windows\Tasks
2019-01-21 22:26:18 ----D---- C:\Windows\system32\wfp
2019-01-21 22:26:16 ----D---- C:\Windows\system32\wbem
2019-01-21 22:25:28 ----D---- C:\Windows\system32\DriverStore
2019-01-21 22:25:27 ----D---- C:\Windows\system32\catroot2
2019-01-21 22:25:25 ----D---- C:\ProgramData\WinClon
2019-01-21 22:25:20 ----D---- C:\Windows\registration
2019-01-21 22:24:14 ----RHD---- C:\MSOCache
2019-01-21 22:15:23 ----SHD---- C:\System Volume Information
2019-01-06 18:52:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2019-01-06 18:46:46 ----D---- C:\Windows\winsxs
2018-12-30 21:27:06 ----D---- C:\Users\Lucinka\AppData\Roaming\Mp3tag

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswArDisk;aswArDisk; C:\Windows\system32\drivers\aswArDisk.sys [2019-01-05 37304]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys [2019-01-05 196264]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblog.sys [2019-01-05 320888]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys [2019-01-05 58160]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2019-01-05 88144]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2019-01-05 380144]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-04-27 540696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2019-01-05 203488]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys [2019-01-21 223056]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2019-01-05 239808]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2019-01-05 42488]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2019-01-05 111992]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2019-01-05 1034056]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2019-01-05 474648]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\Windows\system32\Drivers\SABI.sys [2010-10-07 13824]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2019-01-21 166792]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2019-01-05 218056]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-07-29 3065408]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-11-10 31088]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-12-01 2647528]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-03-10 86120]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-11-25 409192]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 34032]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-21 1377840]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2019-01-05 46584]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 BTWAMPFL;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2010-09-21 348712]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-08-21 106536]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2010-09-14 138280]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-09-14 21416]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
S3 LTXMD_VAC;Litex Media Virtual Audio Cable (WDM); C:\Windows\system32\drivers\lmvac.sys [2011-05-06 28944]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 rtport;rtport; \??\C:\Windows\SysWOW64\drivers\rtport.sys [2011-04-14 15144]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM); C:\Windows\system32\DRIVERS\s0017bus.sys [2008-10-21 113704]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 19496]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 152616]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 133160]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS); C:\Windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 34856]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0017obex.sys [2008-10-21 128552]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM); C:\Windows\system32\DRIVERS\s0017unic.sys [2008-10-21 145960]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64_prewin8.sys [2018-02-26 31920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-08-14 83984]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-01-05 357816]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-10-22 953632]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-07-01 325656]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-03-06 993896]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-12-01 244904]
R2 TeamViewer;TeamViewer 13; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2018-08-13 11644656]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-01-05 7834368]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-07 164984]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-08-30 103552]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-08-30 124024]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-07-01 2533400]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-08-30 50808]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-07 164984]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [2018-12-12 443872]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-10-14 116224]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-06-12 194512]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-09-12 159960]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Samsung UPD Service;Samsung UPD Service; C:\Windows\System32\SUPDSvc.exe [2010-08-09 166704]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-09 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-08-30 139896]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-08-30 139896]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-08-30 139896]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

[Diallix]

Dobry den.

Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, klikni na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.

[lynz]

# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-22-2019
# Duration: 00:00:02
# OS: Windows 7 Home Premium
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1834 octets] - [22/06/2018 22:05:16]
AdwCleaner[C00].txt - [1834 octets] - [22/06/2018 22:06:24]
AdwCleaner[S01].txt - [1379 octets] - [22/01/2019 19:08:26]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

[Diallix]

Preskenujte pocitac s FRST - navod tu: https://forum.viry.cz/viewtopic.php?f=24&t=132509, skopirujte FRST.log + Addition log sem.

[lynz]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.01.2019
Ran by Lucinka (administrator) on L-PC (22-01-2019 19:22:13)
Running from C:\Users\Lucinka\Desktop
Loaded Profiles: Lucinka (Available Profiles: Lucinka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Malwarebytes) C:\Users\Lucinka\Downloads\adwcleaner_7.2.6.0.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe
() C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\SamsungFastStart\SmartRestarter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11660904 2010-12-01] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2149160 2010-05-21] (Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-05] (AVAST Software)
HKLM-x32\...\Run: [Philips Device Listener] => C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [380416 2012-06-09] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1046488 2017-03-17] (DivX, LLC)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-05] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-3850606738-3580062740-2976655187-1001\...\Run: [CCleaner Smart Cleaning] => C:\PROGRAM FILES\CCLEANER\CCleaner64.exe [19476424 2018-11-06] (Piriform Software Ltd)
HKU\S-1-5-21-3850606738-3580062740-2976655187-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Drivers32-x32: [msacm.l3fhg] => C:\Windows\SysWOW64\mp3fhg.acm [232448 2006-10-18] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32-x32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [243200 2011-03-24] ()
HKLM\...\Drivers32-x32: [VIDC.YV12] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.)
HKLM\...\Drivers32-x32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [151552 2011-03-19] (fccHandler)
HKLM\...\Drivers32-x32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [80896 2011-03-29] ()
HKLM\...\Drivers32-x32: [msacm.divxa32] => C:\Windows\SysWOW64\msaud32_divx.acm [186368 2003-02-03] (Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-19] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\70.1.973.110\Installer\chrmstp.exe [2019-01-04] (AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2010-10-22] (Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-06-06]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2740E069-5DA5-4E91-AFFF-60F8C0913417}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{46D60DB4-0E9E-48A5-A75A-A3D791EC5F0B}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3850606738-3580062740-2976655187-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3850606738-3580062740-2976655187-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung.msn.com/
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3850606738-3580062740-2976655187-1001 -> {56A1412D-C34A-4E43-AA4E-8EC9CD316234} URL = hxxp://www.bing.com/search?FORM=SMSTDF&PC=MASM ... -SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-05-02] (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2011-05-13] (Microsoft Corporation)
BHO-x32: W2PBrowser Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll [2010-09-17] ()
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-05-02] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3850606738-3580062740-2976655187-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab

FireFox:
========
FF ProfilePath: C:\Users\Lucinka\AppData\Roaming\Philips-Songbird\Profiles\ww82q7b1.default [2016-07-14]
FF Extension: (Czech (cs) Language Pack) - C:\Users\Lucinka\AppData\Roaming\Philips-Songbird\Profiles\ww82q7b1.default\Extensions\langpack-cs@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Artwork Extras) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\albumart@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (CD Rip Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\cd-rip@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (AAC Decoding Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewaacdec@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (H.264 Video Decoding Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewh264dec@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (MP3 Encoding Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewmp3enc@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (MPEG-4 Video Decoding Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewmpeg4dec@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (File association) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\fileassociation@philips.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Philips GoGear Device Manager) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gogear@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (gonzo) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gonzo@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Gracenote Metadata Lookup Provider) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gracenote@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (mashTape) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\mashTape@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (MSC Device Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\msc@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (MTP Device Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\mtp@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Philips addon manager) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-addon-manager@philips.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Philips auto msc-mtp switch) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-msc-mtp-switch@philips.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Philips Skin) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-skin@philips.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Philips UI) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-ui@philips.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Purple Rain) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\purplerain@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Concerts) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\concerts@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Philips Promotions) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-promotions@philips.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Philips Branding) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-branding@philips.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Windows Media Playback) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\windowsmedia@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (LikeMusic) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-likemusic@philips.com [2012-06-09] [Legacy] [not signed]
FF Extension: (MinimizeToTray Plus for Philips Songbird) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-minimizetotray@philips.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Media Sharing) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\sharing@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF ProfilePath: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default [2019-01-22]
FF Homepage: Mozilla\Firefox\Profiles\byt57nf0.default -> hxxp://www.seznam.cz/
FF NetworkProxy: Mozilla\Firefox\Profiles\byt57nf0.default -> gopher", ""
FF Extension: (Best Proxy Switcher) - C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\Extensions\bestproxyswitcher@bestproxyswitcher.com.xpi [2018-06-12]
FF Extension: (Hide My Ass! Web Proxy) - C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\Extensions\extension@hidemyass.com.xpi [2016-09-18] [Legacy]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\Extensions\sp@avast.com.xpi [2019-01-22]
FF Extension: (Avast Online Security) - C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\Extensions\wrc@avast.com.xpi [2018-06-23]
FF Extension: (Quick Translator) - C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2013-01-26] [Legacy] [not signed]
FF Extension: (ImTranslator: Překladač, Slovník, Hlas) - C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2018-06-12]
FF Extension: (gtranslate) - C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\Extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi [2016-12-18] [Legacy]
FF Extension: (Video DownloadHelper) - C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-06-12]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\deviantart.xml [2016-03-28]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\google-images.xml [2011-08-11]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\imdb.xml [2011-06-06]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\isohunt--bt-search.xml [2015-07-04]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\lyrics-search.xml [2013-02-18]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\mapycz.xml [2013-03-11]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\mininova.xml [2011-06-06]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\sfd.xml [2011-06-06]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\slovnk-czen.xml [2011-06-06]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\slovnk-encz.xml [2011-06-06]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\thesaurus---referencecom.xml [2011-08-11]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\urban-dictionary.xml [2011-06-06]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\vyhledvn-vide-ve-slub-youtube.xml [2011-06-06]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\wikipedia-en---search.xml [2013-12-10]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: (Default Manager) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-01-21] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-06-23] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-06-23] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2017-03-16] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-05-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-05-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default [2019-01-22]
CHR Extension: (Překladač Google) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-20]
CHR Extension: (YouTube) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Torrent Turbo Search) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcdgomceilgkonhjheaijcmgfhabmpio [2013-07-07]
CHR Extension: (AdBlock) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-01-21]
CHR Extension: (Rozšíření Odběry RSS (od Googlu)) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2014-08-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07]
CHR Extension: (Auto-Translate) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\obgoiaeapddkeekbocomnjlckbbfapmk [2015-12-29]
CHR Extension: (Tumblr Savior) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\oefddkjnflmjbclpnnoegglmmdfkidip [2018-05-25]
CHR Extension: (Gmail) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-21]
CHR Extension: (RSS Feed Reader) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2019-01-10]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-05] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-07] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-05] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-07] (AVAST Software)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-08-13] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37304 2019-01-05] (AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-05] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [223056 2019-01-21] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-05] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-05] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-05] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239808 2019-01-05] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-05] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-05] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166792 2019-01-21] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-05] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-05] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-05] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-05] (AVAST Software)
S3 GEARAspiWDM; C:\Windows\SysWOW64\Drivers\GEARAspiWDM.sys [15664 2010-05-10] (GEAR Software Inc.)
S3 LTXMD_VAC; C:\Windows\System32\drivers\lmvac.sys [28944 2011-05-06] (Windows (R) Win 7 DDK provider)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2011-04-14] (Windows (R) 2003 DDK 3790 provider)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2008-01-09] (Sony Ericsson Mobile Communications)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Western Digital Technologies)
U1 aswbdisk; no ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-22 19:22 - 2019-01-22 19:23 - 000030477 _____ C:\Users\Lucinka\Desktop\FRST.txt
2019-01-22 19:21 - 2019-01-22 19:22 - 000000000 ____D C:\FRST
2019-01-22 19:20 - 2019-01-22 19:20 - 002428416 _____ (Farbar) C:\Users\Lucinka\Desktop\FRST64.exe
2019-01-22 19:01 - 2019-01-22 19:01 - 007320272 _____ (Malwarebytes) C:\Users\Lucinka\Downloads\adwcleaner_7.2.6.0.exe
2019-01-22 18:29 - 2019-01-22 18:29 - 002428416 _____ (Farbar) C:\Users\Lucinka\Downloads\Nepotvrzeno 88712.crdownload
2019-01-22 18:25 - 2019-01-22 18:29 - 001222144 _____ C:\Users\Lucinka\Downloads\RSITx64.exe
2019-01-21 22:32 - 2019-01-21 22:32 - 000223056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-01-21 22:31 - 2019-01-05 11:01 - 000361352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-01-20 23:28 - 2019-01-21 20:43 - 000009460 _____ C:\Users\Lucinka\Desktop\Sešit1 jhgg.xlsx
2019-01-19 21:40 - 2019-01-19 21:40 - 000610523 _____ C:\Users\Lucinka\Downloads\JoshLanyon.rar
2019-01-09 22:01 - 2019-01-09 22:02 - 018607613 _____ C:\Users\Lucinka\Downloads\HYYH NOTES [DATES].epub
2019-01-07 20:21 - 2019-01-21 22:36 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-01-05 11:02 - 2019-01-05 11:00 - 000320888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-01-05 11:02 - 2019-01-05 11:00 - 000196264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-01-05 11:02 - 2019-01-05 11:00 - 000058160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-01-05 11:02 - 2019-01-05 11:00 - 000037304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-01-02 20:26 - 2019-01-02 20:26 - 008336193 _____ C:\Users\Lucinka\Downloads\_single___g_i_dle___hann__alone__by_akari_airi_12-dck8r81.zip
2019-01-02 20:24 - 2019-01-02 20:25 - 051527182 _____ C:\Users\Lucinka\Downloads\_g_i_dle___i_am_by_yazforevah-dcaphr8.zip
2018-12-27 23:22 - 2018-12-27 23:22 - 001194565 _____ C:\Users\Lucinka\Downloads\bb___27960.zip
2018-12-23 18:40 - 2018-12-23 18:41 - 004740523 _____ C:\Users\Lucinka\Downloads\sparAH.zip
2018-12-23 09:54 - 2018-12-23 09:54 - 000008866 _____ C:\Users\Lucinka\Desktop\Sešit1.xlsx

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-22 19:11 - 2017-10-09 19:58 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-01-22 19:11 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-01-22 19:00 - 2009-07-14 05:45 - 000022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-01-22 19:00 - 2009-07-14 05:45 - 000022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-01-22 18:30 - 2012-09-27 10:29 - 000000000 ____D C:\Program Files\trend micro
2019-01-22 18:09 - 2011-06-06 18:33 - 000000000 ____D C:\Users\Lucinka\AppData\Roaming\uTorrent
2019-01-22 18:09 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-01-21 23:08 - 2011-06-06 15:42 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-01-21 22:43 - 2011-06-06 15:42 - 000000000 ____D C:\ProgramData\Adobe
2019-01-21 22:32 - 2018-06-23 19:45 - 000001963 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-01-21 22:32 - 2018-06-23 19:43 - 000166792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-21 22:32 - 2018-06-23 19:43 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-01-21 22:27 - 2018-04-24 20:54 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-01-21 22:27 - 2018-03-13 20:27 - 000004524 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-01-21 22:27 - 2017-05-02 18:38 - 000003652 _____ C:\Windows\System32\Tasks\DivXUpdate
2019-01-21 22:27 - 2012-09-26 20:44 - 000002776 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-01-21 22:27 - 2011-06-06 17:05 - 000003148 _____ C:\Windows\System32\Tasks\SidebarExecute
2019-01-21 22:27 - 2011-06-06 17:02 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-21 22:27 - 2011-06-06 17:02 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-21 22:27 - 2011-06-06 15:47 - 000003148 _____ C:\Windows\System32\Tasks\MirageAgent
2019-01-21 22:27 - 2011-06-06 15:33 - 000000000 ____D C:\Users\Lucinka
2019-01-21 22:27 - 2011-01-21 04:21 - 000003214 _____ C:\Windows\System32\Tasks\advSRS5
2019-01-21 22:27 - 2011-01-21 04:17 - 000003294 _____ C:\Windows\System32\Tasks\EasyBatteryManager
2019-01-21 22:27 - 2011-01-21 04:17 - 000003278 _____ C:\Windows\System32\Tasks\SmartRestarter
2019-01-21 22:27 - 2011-01-21 04:16 - 000003324 _____ C:\Windows\System32\Tasks\SamsungSupportCenter
2019-01-21 22:27 - 2011-01-21 04:16 - 000003238 _____ C:\Windows\System32\Tasks\MovieColorEnhancer
2019-01-21 22:27 - 2011-01-21 04:14 - 000003656 _____ C:\Windows\System32\Tasks\EasySpeedUpManager
2019-01-21 22:27 - 2011-01-21 04:14 - 000003224 _____ C:\Windows\System32\Tasks\EasyDisplayMgr
2019-01-21 22:27 - 2011-01-21 04:14 - 000002994 _____ C:\Windows\System32\Tasks\WifiManager
2019-01-21 22:27 - 2011-01-21 04:13 - 000003154 _____ C:\Windows\System32\Tasks\BatteryLifeExtender
2019-01-21 22:27 - 2011-01-21 04:04 - 000003226 _____ C:\Windows\System32\Tasks\SUPBackground
2019-01-21 22:27 - 2011-01-21 04:00 - 000003624 _____ C:\Windows\System32\Tasks\SRS Premium Sound
2019-01-21 22:25 - 2015-12-03 22:48 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-01-21 22:25 - 2011-01-21 04:21 - 000000000 ____D C:\ProgramData\WinClon
2019-01-21 22:25 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration
2019-01-21 22:24 - 2011-06-06 19:27 - 000000000 __RHD C:\MSOCache
2019-01-21 21:26 - 2015-05-25 19:36 - 000007635 _____ C:\Users\Lucinka\AppData\Local\Resmon.ResmonCfg
2019-01-19 21:41 - 2018-11-17 19:00 - 000000000 ____D C:\Users\Lucinka\Downloads\!11 2018 books
2019-01-06 18:52 - 2011-01-21 21:45 - 000669116 _____ C:\Windows\system32\perfh005.dat
2019-01-06 18:52 - 2011-01-21 21:45 - 000141744 _____ C:\Windows\system32\perfc005.dat
2019-01-06 18:52 - 2009-07-14 06:13 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2019-01-05 11:01 - 2018-10-19 16:39 - 000042488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-01-05 11:01 - 2018-06-23 19:43 - 000474648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-01-05 11:01 - 2018-06-23 19:43 - 000380144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-01-05 11:01 - 2018-06-23 19:43 - 000239808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-01-05 11:01 - 2018-06-23 19:43 - 000218056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-01-05 11:01 - 2018-06-23 19:43 - 000203488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-01-05 11:01 - 2018-06-23 19:43 - 000111992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-01-05 11:01 - 2018-06-23 19:43 - 000088144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-01-05 11:01 - 2018-06-23 19:43 - 000046584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2019-01-05 11:00 - 2018-06-23 19:43 - 001034056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-01-04 17:52 - 2018-04-07 07:56 - 000002389 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-12-30 21:27 - 2018-06-10 18:51 - 000000000 ____D C:\Users\Lucinka\Downloads\bts
2018-12-30 21:27 - 2011-06-13 15:18 - 000000000 ____D C:\Users\Lucinka\AppData\Roaming\Mp3tag
2018-12-30 12:56 - 2018-04-07 07:52 - 000000000 ____D C:\Users\Lucinka\AppData\Local\AVAST Software
2018-12-27 18:26 - 2018-01-25 18:17 - 000000000 ____D C:\Users\Lucinka\Downloads\dokumenty uredni a ucty
2018-12-27 18:26 - 2015-01-08 20:37 - 000000000 ____D C:\Users\Lucinka\Downloads\kreativita
2018-12-27 18:26 - 2014-10-25 08:58 - 000000000 ____D C:\Users\Lucinka\Downloads\FOTO A OBRAZKY
2018-12-27 18:07 - 2011-09-26 18:12 - 000000000 ____D C:\Users\Lucinka\Downloads\xx roztrid xx
2018-12-24 20:22 - 2012-01-27 18:19 - 000000000 ____D C:\Users\Lucinka\Downloads\EBOOKS

==================== Files in the root of some directories =======

2015-05-25 19:36 - 2019-01-21 21:26 - 000007635 _____ () C:\Users\Lucinka\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-01-13 00:48

==================== End of FRST.txt ============================

[lynz]

Než jsem stihla nakopírovat druhý log tak se pc opět zasekl.





Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.01.2019
Ran by Lucinka (22-01-2019 19:24:53)
Running from C:\Users\Lucinka\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-06-06 14:33:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3850606738-3580062740-2976655187-500 - Administrator - Disabled)
Guest (S-1-5-21-3850606738-3580062740-2976655187-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3850606738-3580062740-2976655187-1088 - Limited - Enabled)
Lucinka (S-1-5-21-3850606738-3580062740-2976655187-1001 - Administrator - Enabled) => C:\Users\Lucinka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Messenger“ pagalbinė priemonė (HKLM-x32\...\{7E274911-32ED-4489-9B04-4EF100D0E4D3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Essentials“ (HKLM-x32\...\{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (HKLM-x32\...\{2720009D-9566-45A7-A370-0E6DAC313F3F}) (Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis (HKLM-x32\...\{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}) (Version: 15.4.5722.2 - Microsoft Corporation)
„Windows Live Messenger“ (HKLM-x32\...\{122800FE-3AAF-4974-9FBD-54B023FA756A}) (Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (HKLM-x32\...\{C877E454-FA36-409A-A00E-1240CEC61BBD}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3 - )
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version: - )
Ashampoo Burning Studio 6 FREE v.6.81 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.1 - Ashampoo GmbH & Co. KG)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 70.1.973.110 - AVAST Software)
BatteryLifeExtender (HKLM-x32\...\{EA257ECF-5F72-4461-B890-959394DCD087}) (Version: 1.0.10 - Samsung)
Bing Rewards Client Installer (HKLM-x32\...\{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}) (Version: 16.0.345.0 - Microsoft Corporation) Hidden
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation)
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - )
CanoScan LiDE 70 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2411) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.49 - Piriform)
Complément Messenger (HKLM-x32\...\{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Complemento Messenger (HKLM-x32\...\{3A09ED0F-8DDF-47BB-B53D-841AB9D1D3A7}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM-x32\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3509 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
DivX Setup (HKLM\...\DivX Setup) (Version: 3.0.0.224 - DivX, LLC)
Doplnok programu Messenger (HKLM-x32\...\{6D2F0A26-ECEA-49CE-833C-9A6125F3D5E8}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0 - Samsung Electronics Co., LTD)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0.0.5 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{FCF2085E-ABE5-4AA8-B07C-65BBD56DA243}) (Version: 4.4.6 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.1.1 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
EasyFileShare (HKLM-x32\...\{EA76E65F-6679-495A-A8A6-42AD6602ED4C}) (Version: 1.0.11 - Samsung)
Fast Start (HKLM-x32\...\{77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}) (Version: 2.2.0.0 - SAMSUNG)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
FormatFactory 2.70 (HKLM-x32\...\FormatFactory) (Version: 2.70 - Free Time)
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.17.5274 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
High-Logic FontCreator 6.5 (HKLM-x32\...\FontCreator6_is1) (Version: - High-Logic B.V.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
IrfanView 4.44 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.44 - Irfan Skiljan)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java(TM) 6 Update 39 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216039FF}) (Version: 6.0.390 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Jazz Jackrabbit 2 (HKLM-x32\...\Jazz Jackrabbit 2) (Version: - )
Jpeg Resampler Vs 6+ (HKLM-x32\...\JpegResampler2010_is1) (Version: - Jpeg Resampler)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 7.1.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.1.0 - )
Kontrola Windows Live Mesh ActiveX za daljinske veze (HKLM-x32\...\{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}) (Version: 15.4.5722.2 - Microsoft Corporation)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Assistent (HKLM-x32\...\{56D42B00-572C-4AE9-BCFB-CD45A3B5D0E1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{066219C8-4BE6-46D7-9E01-60FCFA6B32DC}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{082E37F5-3924-4168-A69A-1B6B1FEA587C}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{3889988F-762B-4B85-AB17-71C9CC3AE445}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{6DD3B54B-F0D0-4A69-8344-F52033225A02}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{781E0319-15CD-4A4C-A47E-D9FFF697E7A1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{8142D25E-028A-4563-86ED-5755783C8029}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{847C879C-1467-4924-A491-1302B4C58F70}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{939C80FA-96C9-44A6-B318-8E7D8BD8481B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{96403552-88D1-429F-9C92-388B814B885E}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{B44F3823-52DD-45CA-A916-8B320778715D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{C7DAD22D-29D4-438F-B986-03B9ED582EA4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{D4F81B27-4054-4AD6-A588-265508BAA17C}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{D58E381C-DE02-46A9-B9D1-A2CB807D2676}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger kísérő (HKLM-x32\...\{F3ECEB0A-82A0-4DB9-BB44-393A66BA0871}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Pratilac (HKLM-x32\...\{902585EB-8FA3-43A5-AD1C-5C9821A77114}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Suradnik (HKLM-x32\...\{3FD1CB9F-807F-451B-926C-9D19C84CFC61}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger 사이트 공유 (HKLM-x32\...\{AB067785-9646-456B-91C3-E71228132A4C}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger 分享元件 (HKLM-x32\...\{CF088261-BC81-4FB9-9BA0-7B5B9602D01A}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger 浏览器插件 (HKLM-x32\...\{7F061FA8-5A87-4758-876B-17EE28B358D0}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger-kumppani (HKLM-x32\...\{D657CCB5-9F2F-4D3C-B93D-F77EBEF79B66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office 2010 pro studenty a domácnosti (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MKVToolNix 5.3.0 (HKLM-x32\...\MKVToolNix) (Version: 5.3.0 - Moritz Bunkus)
Movie Color Enhancer (HKLM-x32\...\{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Mozilla Firefox 60.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 60.0.2 (x64 cs)) (Version: 60.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 60.0.2.6730 - Mozilla)
Mp3tag v2.50 (HKLM-x32\...\Mp3tag) (Version: v2.50 - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 267.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.54 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ovládací panel NVIDIA 267.54 (HKLM\...\{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 267.54 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
Philips Songbird (HKLM-x32\...\Philips Songbird) (Version: 2.6.1 Build: 6.1.2265 - Koninklijke Philips Electronics N.V.)
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pomocnik Messenger (HKLM-x32\...\{BD8DA595-F501-4ABE-85A0-5C23E82472A0}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.33.1125.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6257 - Realtek Semiconductor Corp.)
Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 1.1.21.0 - Samsung Electronics Co., Ltd.)
Samsung AnyWeb Print (HKLM-x32\...\{6C016AC4-0282-4C82-B12F-3D5910DA7319}) (Version: 1.0 - Samsung Electronics Co., Ltd.) Hidden
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.0.8 - Samsung)
Samsung Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.38 - Samsung)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.01.06.00:16 - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.1.0 - Samsung Electronics Co., Ltd.)
Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.1.17 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.6.201305161305 - Sony Ericsson Communications AB)
Spremljevalec Messenger (HKLM-x32\...\{F14F9EE9-9B68-42B4-90F7-0924F7619281}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
SRS Premium Sound Control Panel (HKLM\...\{2998191E-A35E-47E2-BE38-7702C731D722}) (Version: 1.10.1000 - SRS Labs, Inc.)
Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version: - )
Sudoku UltiMate 2.3 (HKLM-x32\...\Sudoku UltiMate_is1) (Version: - Pavel Zykán)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.22.0 - Synaptics Incorporated)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.14327 - TeamViewer)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7000 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX kontrola za daljinske veze (HKLM-x32\...\{8985AE5E-622A-4980-8BF8-0A1830643220}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem (HKLM-x32\...\{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Компаньон Messenger (HKLM-x32\...\{3705D53F-BB01-4BEE-8585-289E71CAC4B4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Помощник на Messenger (HKLM-x32\...\{FEA0181F-3758-46DA-B7EC-F3CDFA7E0CE7}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
מסייע Messenger (HKLM-x32\...\{AB5977C5-11AE-4003-BA7D-261C48F2BC35}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ตัวควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย) (HKLM-x32\...\{A2EDAEEB-C981-46D5-8163-CF8F5F640EEE}) (Version: 15.4.5722.2 - Microsoft Corporation)
원격 연결을 위한 Windows Live Mesh ActiveX 컨트롤 (HKLM-x32\...\{61920449-0393-4707-B7DD-E6C0013C8B2C}) (Version: 15.4.5722.2 - Microsoft Corporation)
用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文) (HKLM-x32\...\{F992409C-9D10-4AE2-BAEB-B5409AD3785E}) (Version: 15.4.5722.2 - Microsoft Corporation)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3850606738-3580062740-2976655187-1001_Classes\CLSID\{052DB226-BE3B-44D4-B932-9C8049B2110B}\InprocServer32 -> C:\Users\Lucinka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\VolumeGadget.gadget\dlls\VolumeControl64.dll (Indev)
CustomCLSID: HKU\S-1-5-21-3850606738-3580062740-2976655187-1001_Classes\CLSID\{89BB4535-5AE9-43a0-89C5-19B4697E5C5E}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-05] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-05] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-05] (AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2014-04-09] (Piriform Ltd)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FreeTime\FormatFactory\ShellEx64_100.dll [2011-06-17] (Free Time)
ContextMenuHandlers1-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\Program Files (x86)\JpegResampler2010\JRcm.dll [2010-08-18] ()
ContextMenuHandlers1-x32: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResampler2010\JRcm64.dll [2010-09-06] ()
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-05] (AVAST Software)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FreeTime\FormatFactory\ShellEx64_100.dll [2011-06-17] (Free Time)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2011-03-06] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-05] (AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2014-04-09] (Piriform Ltd)
ContextMenuHandlers6-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\Program Files (x86)\JpegResampler2010\JRcm.dll [2010-08-18] ()
ContextMenuHandlers6-x32: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResampler2010\JRcm64.dll [2010-09-06] ()
ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0342C578-E307-4E48-A195-199FDCE2A53F} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-11-10] (CyberLink)
Task: {038C1B91-9200-4160-B70C-413BE01383FC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {05B1916B-D619-4089-A03A-42C2A2B8139C} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2011-12-20] (Samsung Electronics)
Task: {33E342E1-3D50-482D-BED5-8A3374BEEBB0} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [2017-03-07] (DivX, LLC)
Task: {39E94ECC-112B-4F09-9EE4-BD38F258D55D} - System32\Tasks\WifiManager => C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe [2010-11-28] (Samsung Electronics Co., Ltd.)
Task: {521B7D8E-C469-4DA1-B797-D695C9BD1062} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-07] (AVAST Software)
Task: {6320C4A1-C223-4E59-920A-38634B946F72} - System32\Tasks\EasySpeedUpManager => Command(1): "%programfiles(x86)%\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe" -> /s
Task: {6320C4A1-C223-4E59-920A-38634B946F72} - System32\Tasks\EasySpeedUpManager => Command(2): C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2010-02-10] (Samsung Electronics Co., Ltd.)
Task: {7B30EE0D-E7B9-436D-8A65-E30A371514CF} - System32\Tasks\CCleanerSkipUAC => C:\PROGRAM FILES\CCLEANER\CCLEANER.EXE [2018-11-06] (Piriform Software Ltd)
Task: {8AC49D1F-74B9-4B31-B2E3-AD0F43233897} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {947E68AF-8FA1-4EBD-9797-8E84668FAD00} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-06] (Piriform Ltd)
Task: {9B72E3DD-B0E5-47B3-93BC-0E95E17CE07F} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-09-04] (SAMSUNG Electronics)
Task: {A2D07A01-6315-45E7-BD6F-B5F3DDB75528} - System32\Tasks\SmartRestarter => C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2010-08-05] (Samsung Electronics Co., Ltd.)
Task: {A5E2EB9E-2B1E-4712-980E-1C2CCE1F515A} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [2010-08-19] (Samsung Electronics Co., Ltd.)
Task: {A7C892DC-CBF3-4DBA-A074-0FCD2000521A} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-07] (AVAST Software)
Task: {AA6E997F-855F-434B-B04C-DB9AE364F697} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2010-11-17] (SEC)
Task: {BB361673-0BF0-4BA0-90D3-E6B7E90D822A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {BEFC2918-CB2B-4109-987D-E6626B80E093} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-11-28] (Samsung Electronics Co., Ltd.)
Task: {C05843EA-FE56-41E5-AAE7-E518B87DAF76} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-11-05] (AVAST Software)
Task: {C2C9BC4B-A58B-4A8E-83E7-46496A72A1C1} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-01] (Samsung Electronics. Co. Ltd.)
Task: {CFB9AF13-9A24-46D3-8EDE-ACA968526366} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-05] (AVAST Software)
Task: {D6022B10-7BDC-4192-9B97-802D0586E5AB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {D8BF3B55-BBFF-40A1-BEF5-A834BDD01351} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-05053A95\EPM.exe
Task: {DED9F1B8-9CAD-4FA8-AEB4-977B7ECB78B7} - System32\Tasks\{D29F3714-0AA5-4F52-A084-179327AF66E6} => C:\Windows\system32\pcalua.exe -a C:\Users\Lucinka\Downloads\iview428_setup.exe -d C:\Users\Lucinka\Downloads
Task: {E79AAC0D-0DA5-49F8-A548-359B007B9BB8} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_Plugin.exe [2018-06-23] (Adobe Systems Incorporated)
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Adobe Flash Player NPAPI Notifier" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\advSRS5" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\BatteryLifeExtender" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\DivXUpdate" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\EasyBatteryManager" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\EasyDisplayMgr" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\EasySpeedUpManager" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\MirageAgent" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\MovieColorEnhancer" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\SamsungSupportCenter" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\SidebarExecute" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\SmartRestarter" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\SRS Premium Sound" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\SUPBackground" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\WifiManager" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(21): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {F190E6DB-6B39-4792-BFB0-F8759676F185} - System32\Tasks\SRS Premium Sound => C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel_64.exe [2010-11-29] (SRS Labs, Inc.)
Task: {F1D7D9B4-9968-4F0B-810F-ED91DF1C2F64} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_pepper.exe [2018-06-22] (Adobe Systems Incorporated)
Task: {FD3CE2CC-85C4-4D6A-8C26-E38E44C9B4AE} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-07-20] (SAMSUNG Electronics co., LTD.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-01-05 11:01 - 2019-01-05 11:01 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-01-22 18:00 - 2019-01-22 18:00 - 006937744 _____ () C:\Program Files\AVAST Software\Avast\defs\19012202\algo64.dll
2019-01-05 11:01 - 2019-01-05 11:01 - 000550792 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2019-01-05 11:01 - 2019-01-05 11:01 - 001175944 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2019-01-05 11:01 - 2019-01-05 11:01 - 001967496 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2019-01-22 19:17 - 2019-01-22 19:17 - 006937744 _____ () C:\Program Files\AVAST Software\Avast\defs\19012204\algo64.dll
2011-06-23 21:54 - 2005-03-11 23:07 - 000087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2011-06-06 15:43 - 2008-06-05 00:53 - 000027648 _____ () C:\Windows\System32\spd__l.dll
2011-06-07 13:41 - 2011-05-28 21:05 - 000164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2012-05-14 12:34 - 2010-09-06 17:21 - 000538435 _____ () C:\Program Files (x86)\JpegResampler2010\JRcm64.dll
2011-01-21 04:08 - 2009-12-01 08:21 - 000244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2011-06-06 15:43 - 2010-04-21 00:44 - 000719872 _____ () C:\Windows\system32\SnMinDrv.dll
2012-06-09 12:15 - 2012-06-09 12:14 - 000380416 _____ () C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
2018-12-19 16:36 - 2018-12-12 06:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-19 16:36 - 2018-12-12 06:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2018-11-06 17:14 - 2018-11-06 17:14 - 000090576 _____ () C:\PROGRAM FILES\CCLEANER\lang\lang-1029.dll
2011-01-21 04:13 - 2006-08-12 04:48 - 000049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
2011-01-21 04:21 - 2010-05-07 15:22 - 001636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
2011-01-21 04:16 - 2010-07-05 11:42 - 000203776 _____ () C:\Program Files (x86)\Samsung\Movie Color Enhancer\WinCRT.dll
2009-11-02 06:20 - 2009-11-02 06:20 - 000619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 06:23 - 2009-11-02 06:23 - 000013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:16E76E27 [230]
AlternateDataStreams: C:\ProgramData\Temp:1A052BF6 [262]
AlternateDataStreams: C:\ProgramData\Temp:2701988C [264]
AlternateDataStreams: C:\ProgramData\Temp:28BEC2EC [232]
AlternateDataStreams: C:\ProgramData\Temp:4D551822 [137]
AlternateDataStreams: C:\ProgramData\Temp:5CD70138 [127]
AlternateDataStreams: C:\ProgramData\Temp:5DABFF83 [126]
AlternateDataStreams: C:\ProgramData\Temp:85376176 [141]
AlternateDataStreams: C:\ProgramData\Temp:96646EC1 [117]
AlternateDataStreams: C:\ProgramData\Temp:A10E88DE [126]
AlternateDataStreams: C:\ProgramData\Temp:A7BFF8A2 [119]
AlternateDataStreams: C:\ProgramData\Temp:B66E5745 [112]
AlternateDataStreams: C:\ProgramData\Temp:D026A5A4 [135]
AlternateDataStreams: C:\ProgramData\Temp:E0888117 [134]
AlternateDataStreams: C:\ProgramData\Temp:F610C203 [222]
AlternateDataStreams: C:\ProgramData\Temp:FB4262DE [318]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-01-22 18:30 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\WIDCOMM\Bluetooth Software;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\MKVToolNix;C:\Program Files (x86)\Skype\Phone\
HKU\S-1-5-21-3850606738-3580062740-2976655187-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lucinka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: wuauserv => 2
MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{39009407-C230-4747-B2FA-9DC51185399C}] => (Allow) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10.exe (CyberLink Corp.)
FirewallRules: [{A302EB01-2AE2-4941-B2AD-AB6115CF9054}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE (CyberLink Corp.)
FirewallRules: [{9197CB4A-F8BA-4773-963F-79EA69F5A69E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
FirewallRules: [{7D4AB563-DE14-429F-B216-5DEA1E3E971F}] => (Allow) LPort=2869
FirewallRules: [{5D8273DE-7F17-4F33-8FB4-94B67BD434CC}] => (Allow) LPort=1900
FirewallRules: [{4579C15C-2FBD-4AC6-A8E7-2AE6176AC19B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
FirewallRules: [{B36022DA-9EC6-448F-849F-9158620D7257}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation)
FirewallRules: [{A78FD4DC-1394-4672-85B1-C022BF01A955}] => (Allow) C:\Windows\System32\SUPDSvc.exe (Samsung Electronics CO., LTD.)
FirewallRules: [{F539C6BC-4882-4057-9A4F-468406FA80F6}] => (Allow) C:\Windows\System32\SUPDSvc.exe (Samsung Electronics CO., LTD.)
FirewallRules: [{C3353E64-9AB7-4259-9E7F-4052593C0CA2}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe (Samsung Electronics Co., Ltd.)
FirewallRules: [{EB945000-20D5-46C9-8D5A-C4833CEF8693}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe (Samsung Electronics Co., Ltd.)
FirewallRules: [{69CF6EE0-E6CC-4B33-9D9C-64DB918DFC53}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe (Samsung Electronics Co., Ltd.)
FirewallRules: [{A615AF9D-5F3A-417D-9B6B-1DFAACE52C13}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe (Samsung Electronics Co., Ltd.)
FirewallRules: [{40C94204-2135-4CE9-8FCE-15EE9DFB88F2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{52B46326-E7ED-449B-8230-6E0AE62CCF48}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{62CF71D8-835A-46BC-A9B4-3A672D064242}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{D6EBEDDD-8BE1-45CA-86F6-6EFF35EC5996}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
FirewallRules: [{ABAE1873-B910-4F1D-848E-5666D87151B6}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
FirewallRules: [{E55D619E-26B0-4F04-811D-181F56A71639}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
FirewallRules: [{B9806F68-C7C0-4D6E-8152-0778F1D95434}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
FirewallRules: [TCP Query User{DE742388-DCB4-4301-B2B4-5B54B3C68216}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google Inc.)
FirewallRules: [UDP Query User{ACC3EB82-9610-402C-9601-08839D311FD7}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google Inc.)
FirewallRules: [{7C44880B-837E-4F21-987D-F14139BE3E24}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe ()
FirewallRules: [{CD752EBD-233D-4E3B-989A-FFCE5EB61CC0}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe ()
FirewallRules: [{8D74281E-0EB9-4123-B19C-E88E472F8149}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{71DE6E69-EFE8-441F-970F-F3BA63C9E35B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{585CA7AF-6D22-43B5-9D76-E79EAB4CF620}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{1A5CD6DA-12AE-4A71-84C9-49CDCEFA8BB6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{D81EEF29-C162-42D0-B341-E64297CEF31A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{40E217F8-56E1-4A87-BDD1-40C6FF9539C2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{6CD1B5C1-265E-4A85-8E16-EE69148A46E6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{215DB667-280C-4690-9386-861B976A42E3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{08F1DE29-A519-440D-93F2-DE64CD457B3B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{D9562C14-F714-461F-9DEA-B3CD5C992CBB}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software)
FirewallRules: [{5333334D-0FCE-4E2D-9889-58561A4F2385}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{AE86A34D-0C33-4EAD-80BF-1FD7027E3FFE}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)

==================== Restore Points =========================

25-08-2018 14:33:05 Naplánovaný kontrolní bod
13-09-2018 00:23:36 Naplánovaný kontrolní bod
26-09-2018 22:42:31 Naplánovaný kontrolní bod
08-10-2018 23:02:44 Naplánovaný kontrolní bod
17-10-2018 23:06:06 Naplánovaný kontrolní bod
24-10-2018 23:20:34 Naplánovaný kontrolní bod
01-11-2018 00:39:48 Naplánovaný kontrolní bod
09-11-2018 22:37:49 Naplánovaný kontrolní bod
18-11-2018 01:40:40 Naplánovaný kontrolní bod
25-11-2018 23:56:44 Naplánovaný kontrolní bod
04-12-2018 23:09:41 Naplánovaný kontrolní bod
14-12-2018 23:11:04 Naplánovaný kontrolní bod
24-12-2018 00:25:39 Naplánovaný kontrolní bod
31-12-2018 19:04:51 Naplánovaný kontrolní bod
13-01-2019 00:06:06 Naplánovaný kontrolní bod
21-01-2019 22:14:27 Operace obnovení

==================== Faulty Device Manager Devices =============

Name: Broadcom BCM2070 Bluetooth 3.0 + HS USB Device
Description: Broadcom BCM2070 Bluetooth 3.0 + HS USB Device
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/22/2019 07:00:17 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (01/22/2019 06:24:29 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/22/2019 06:24:29 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/22/2019 06:24:29 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/22/2019 06:24:29 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)

Error: (01/22/2019 06:24:19 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/22/2019 06:24:19 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800) (0xc0041800)

Error: (01/22/2019 06:24:19 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (01/22/2019 07:18:30 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.

Error: (01/22/2019 07:10:41 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \SystemRoot\SysWow64\Drivers\GEARAspiWDM.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (01/22/2019 07:10:02 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv64.dll

Error: (01/22/2019 07:10:02 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv64.dll

Error: (01/22/2019 07:09:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv64.dll

Error: (01/22/2019 07:09:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (01/22/2019 07:09:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (01/22/2019 07:09:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Bluetooth Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.


Windows Defender:
===================================
Date: 2014-03-15 03:26:57.998
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{B3C9CDE0-72CD-45BE-AF95-A75507B1EE0D}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2013-12-08 12:55:12.554
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{FCA8D655-0FB3-471C-84EF-68CDAF1E5D34}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2012-10-25 18:06:15.678
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

CodeIntegrity:
===================================

Date: 2012-09-27 23:27:30.777
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-09-27 23:27:30.679
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-09-27 23:27:30.582
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-09-27 23:27:30.484
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-09-27 23:21:28.468
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-09-27 23:21:28.369
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-09-27 23:21:28.269
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-09-27 23:21:28.172
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 69%
Total physical RAM: 3956.56 MB
Available physical RAM: 1199.93 MB
Total Virtual: 7911.31 MB
Available Virtual: 4724.59 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:178 GB) (Free:23.2 GB) NTFS
Drive d: () (Fixed) (Total:265.61 GB) (Free:46.41 GB) NTFS

\\?\Volume{ecd84245-2597-11e0-ba9b-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS
\\?\Volume{21f120a5-66c5-11e0-a3d4-806e6f6e6963}\ (SAMSUNG_REC) (Fixed) (Total:22.05 GB) (Free:0.94 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 8E39AC28)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=178 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=265.6 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=22 GB) - (Type=27)

==================== End of Addition.txt ============================

[Diallix]

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

CloseProcesses:
2019-01-22 19:00 - 2009-07-14 05:45 - 000022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-01-22 19:00 - 2009-07-14 05:45 - 000022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-21-3850606738-3580062740-2976655187-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3850606738-3580062740-2976655187-1001 -> {56A1412D-C34A-4E43-AA4E-8EC9CD316234} URL = hxxp://www.bing.com/search?FORM=SMSTDF&PC=MASM&q={searchTerms}&src=IE-SearchBox
Toolbar: HKU\S-1-5-21-3850606738-3580062740-2976655187-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
U1 aswbdisk; no ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
2019-01-21 22:27 - 2011-06-06 17:02 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-21 22:27 - 2011-06-06 17:02 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
Task: {038C1B91-9200-4160-B70C-413BE01383FC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {05B1916B-D619-4089-A03A-42C2A2B8139C} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2011-12-20] (Samsung Electronics)
Task: {33E342E1-3D50-482D-BED5-8A3374BEEBB0} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [2017-03-07] (DivX, LLC)
Task: {BB361673-0BF0-4BA0-90D3-E6B7E90D822A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {D6022B10-7BDC-4192-9B97-802D0586E5AB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
AlternateDataStreams: C:\ProgramData\Temp:16E76E27 [230]
AlternateDataStreams: C:\ProgramData\Temp:1A052BF6 [262]
AlternateDataStreams: C:\ProgramData\Temp:2701988C [264]
AlternateDataStreams: C:\ProgramData\Temp:28BEC2EC [232]
AlternateDataStreams: C:\ProgramData\Temp:4D551822 [137]
AlternateDataStreams: C:\ProgramData\Temp:5CD70138 [127]
AlternateDataStreams: C:\ProgramData\Temp:5DABFF83 [126]
AlternateDataStreams: C:\ProgramData\Temp:85376176 [141]
AlternateDataStreams: C:\ProgramData\Temp:96646EC1 [117]
AlternateDataStreams: C:\ProgramData\Temp:A10E88DE [126]
AlternateDataStreams: C:\ProgramData\Temp:A7BFF8A2 [119]
AlternateDataStreams: C:\ProgramData\Temp:B66E5745 [112]
AlternateDataStreams: C:\ProgramData\Temp:D026A5A4 [135]
AlternateDataStreams: C:\ProgramData\Temp:E0888117 [134]
AlternateDataStreams: C:\ProgramData\Temp:F610C203 [222]
AlternateDataStreams: C:\ProgramData\Temp:FB4262DE [318]
MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe

Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.

[lynz]

Fix result of Farbar Recovery Scan Tool (x64) Version: 20.01.2019
Ran by Lucinka (22-01-2019 20:53:36) Run:1
Running from C:\Users\Lucinka\Desktop
Loaded Profiles: Lucinka (Available Profiles: Lucinka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
2019-01-22 19:00 - 2009-07-14 05:45 - 000022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-01-22 19:00 - 2009-07-14 05:45 - 000022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-3850606738-3580062740-2976655187-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3850606738-3580062740-2976655187-1001 -> {56A1412D-C34A-4E43-AA4E-8EC9CD316234} URL = hxxp://www.bing.com/search?FORM=SMSTDF&PC=MASM ... -SearchBox
Toolbar: HKU\S-1-5-21-3850606738-3580062740-2976655187-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
U1 aswbdisk; no ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
2019-01-21 22:27 - 2011-06-06 17:02 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-21 22:27 - 2011-06-06 17:02 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
Task: {038C1B91-9200-4160-B70C-413BE01383FC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {05B1916B-D619-4089-A03A-42C2A2B8139C} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2011-12-20] (Samsung Electronics)
Task: {33E342E1-3D50-482D-BED5-8A3374BEEBB0} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [2017-03-07] (DivX, LLC)
Task: {BB361673-0BF0-4BA0-90D3-E6B7E90D822A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {D6022B10-7BDC-4192-9B97-802D0586E5AB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
AlternateDataStreams: C:\ProgramData\Temp:16E76E27 [230]
AlternateDataStreams: C:\ProgramData\Temp:1A052BF6 [262]
AlternateDataStreams: C:\ProgramData\Temp:2701988C [264]
AlternateDataStreams: C:\ProgramData\Temp:28BEC2EC [232]
AlternateDataStreams: C:\ProgramData\Temp:4D551822 [137]
AlternateDataStreams: C:\ProgramData\Temp:5CD70138 [127]
AlternateDataStreams: C:\ProgramData\Temp:5DABFF83 [126]
AlternateDataStreams: C:\ProgramData\Temp:85376176 [141]
AlternateDataStreams: C:\ProgramData\Temp:96646EC1 [117]
AlternateDataStreams: C:\ProgramData\Temp:A10E88DE [126]
AlternateDataStreams: C:\ProgramData\Temp:A7BFF8A2 [119]
AlternateDataStreams: C:\ProgramData\Temp:B66E5745 [112]
AlternateDataStreams: C:\ProgramData\Temp:D026A5A4 [135]
AlternateDataStreams: C:\ProgramData\Temp:E0888117 [134]
AlternateDataStreams: C:\ProgramData\Temp:F610C203 [222]
AlternateDataStreams: C:\ProgramData\Temp:FB4262DE [318]
MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
*****************

Processes closed successfully.
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 => moved successfully
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 => moved successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE" => removed successfully
"HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE" => removed successfully
"HKU\S-1-5-21-3850606738-3580062740-2976655187-1001\Control Panel\Desktop\\SCRNSAVE.EXE" => removed successfully
"HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKU\S-1-5-21-3850606738-3580062740-2976655187-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56A1412D-C34A-4E43-AA4E-8EC9CD316234} => removed successfully
HKLM\Software\Classes\CLSID\{56A1412D-C34A-4E43-AA4E-8EC9CD316234} => not found
"HKU\S-1-5-21-3850606738-3580062740-2976655187-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => not found
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\System\CurrentControlSet\Services\AppMgmt => removed successfully
AppMgmt => service removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\catchme => removed successfully
catchme => service removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{038C1B91-9200-4160-B70C-413BE01383FC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{038C1B91-9200-4160-B70C-413BE01383FC}" => removed successfully
C:\Windows\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{05B1916B-D619-4089-A03A-42C2A2B8139C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05B1916B-D619-4089-A03A-42C2A2B8139C}" => removed successfully
C:\Windows\System32\Tasks\SUPBackground => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SUPBackground" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{33E342E1-3D50-482D-BED5-8A3374BEEBB0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33E342E1-3D50-482D-BED5-8A3374BEEBB0}" => removed successfully
C:\Windows\System32\Tasks\DivXUpdate => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DivXUpdate" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BB361673-0BF0-4BA0-90D3-E6B7E90D822A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB361673-0BF0-4BA0-90D3-E6B7E90D822A}" => removed successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D6022B10-7BDC-4192-9B97-802D0586E5AB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6022B10-7BDC-4192-9B97-802D0586E5AB}" => removed successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
C:\ProgramData\Temp => ":16E76E27" ADS removed successfully
C:\ProgramData\Temp => ":1A052BF6" ADS removed successfully
C:\ProgramData\Temp => ":2701988C" ADS removed successfully
C:\ProgramData\Temp => ":28BEC2EC" ADS removed successfully
C:\ProgramData\Temp => ":4D551822" ADS removed successfully
C:\ProgramData\Temp => ":5CD70138" ADS removed successfully
C:\ProgramData\Temp => ":5DABFF83" ADS removed successfully
C:\ProgramData\Temp => ":85376176" ADS removed successfully
C:\ProgramData\Temp => ":96646EC1" ADS removed successfully
C:\ProgramData\Temp => ":A10E88DE" ADS removed successfully
C:\ProgramData\Temp => ":A7BFF8A2" ADS removed successfully
C:\ProgramData\Temp => ":B66E5745" ADS removed successfully
C:\ProgramData\Temp => ":D026A5A4" ADS removed successfully
C:\ProgramData\Temp => ":E0888117" ADS removed successfully
C:\ProgramData\Temp => ":F610C203" ADS removed successfully
C:\ProgramData\Temp => ":FB4262DE" ADS removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SpywareTerminatorShield => removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SpywareTerminatorUpdater => removed successfully

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 22-01-2019 21:07:22)


Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected

==== End of Fixlog 21:07:22 ====

[Diallix]

Poprosim o nove logy FRST+ADDITION.

[lynz]

Provedu, jen mi tu teď vyskočilo tohle okno viz přiložený obrázek.
Předpokládám, že to souvisí s tím co se teď opravovalo?

[lynz]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.01.2019
Ran by Lucinka (administrator) on L-PC (22-01-2019 21:19:04)
Running from C:\Users\Lucinka\Desktop
Loaded Profiles: Lucinka (Available Profiles: Lucinka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\SamsungFastStart\SmartRestarter.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\slui.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11660904 2010-12-01] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2149160 2010-05-21] (Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-05] (AVAST Software)
HKLM-x32\...\Run: [Philips Device Listener] => C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [380416 2012-06-09] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1046488 2017-03-17] (DivX, LLC)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-05] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3850606738-3580062740-2976655187-1001\...\Run: [CCleaner Smart Cleaning] => C:\PROGRAM FILES\CCLEANER\CCleaner64.exe [19476424 2018-11-06] (Piriform Software Ltd)
HKLM\...\Drivers32-x32: [msacm.l3fhg] => C:\Windows\SysWOW64\mp3fhg.acm [232448 2006-10-18] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32-x32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [243200 2011-03-24] ()
HKLM\...\Drivers32-x32: [VIDC.YV12] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.)
HKLM\...\Drivers32-x32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [151552 2011-03-19] (fccHandler)
HKLM\...\Drivers32-x32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [80896 2011-03-29] ()
HKLM\...\Drivers32-x32: [msacm.divxa32] => C:\Windows\SysWOW64\msaud32_divx.acm [186368 2003-02-03] (Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-19] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\70.1.973.110\Installer\chrmstp.exe [2019-01-04] (AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2010-10-22] (Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-06-06]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2740E069-5DA5-4E91-AFFF-60F8C0913417}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{46D60DB4-0E9E-48A5-A75A-A3D791EC5F0B}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3850606738-3580062740-2976655187-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3850606738-3580062740-2976655187-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung.msn.com/
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-05-02] (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2011-05-13] (Microsoft Corporation)
BHO-x32: W2PBrowser Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll [2010-09-17] ()
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-05-02] (Oracle Corporation)
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab

FireFox:
========
FF ProfilePath: C:\Users\Lucinka\AppData\Roaming\Philips-Songbird\Profiles\ww82q7b1.default [2016-07-14]
FF Extension: (Czech (cs) Language Pack) - C:\Users\Lucinka\AppData\Roaming\Philips-Songbird\Profiles\ww82q7b1.default\Extensions\langpack-cs@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Artwork Extras) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\albumart@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (CD Rip Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\cd-rip@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (AAC Decoding Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewaacdec@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (H.264 Video Decoding Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewh264dec@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (MP3 Encoding Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewmp3enc@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (MPEG-4 Video Decoding Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewmpeg4dec@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (File association) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\fileassociation@philips.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Philips GoGear Device Manager) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gogear@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (gonzo) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gonzo@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Gracenote Metadata Lookup Provider) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gracenote@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (mashTape) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\mashTape@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (MSC Device Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\msc@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (MTP Device Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\mtp@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Philips addon manager) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-addon-manager@philips.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Philips auto msc-mtp switch) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-msc-mtp-switch@philips.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Philips Skin) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-skin@philips.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Philips UI) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-ui@philips.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Purple Rain) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\purplerain@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Concerts) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\concerts@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Philips Promotions) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-promotions@philips.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Philips Branding) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-branding@philips.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Windows Media Playback) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\windowsmedia@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF Extension: (LikeMusic) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-likemusic@philips.com [2012-06-09] [Legacy] [not signed]
FF Extension: (MinimizeToTray Plus for Philips Songbird) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-minimizetotray@philips.com [2012-06-09] [Legacy] [not signed]
FF Extension: (Media Sharing) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\sharing@songbirdnest.com [2012-06-09] [Legacy] [not signed]
FF ProfilePath: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default [2019-01-22]
FF Homepage: Mozilla\Firefox\Profiles\byt57nf0.default -> hxxp://www.seznam.cz/
FF NetworkProxy: Mozilla\Firefox\Profiles\byt57nf0.default -> gopher", ""
FF Extension: (Best Proxy Switcher) - C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\Extensions\bestproxyswitcher@bestproxyswitcher.com.xpi [2018-06-12]
FF Extension: (Hide My Ass! Web Proxy) - C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\Extensions\extension@hidemyass.com.xpi [2016-09-18] [Legacy]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\Extensions\sp@avast.com.xpi [2019-01-22]
FF Extension: (Avast Online Security) - C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\Extensions\wrc@avast.com.xpi [2018-06-23]
FF Extension: (Quick Translator) - C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2013-01-26] [Legacy] [not signed]
FF Extension: (ImTranslator: Překladač, Slovník, Hlas) - C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2018-06-12]
FF Extension: (gtranslate) - C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\Extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi [2016-12-18] [Legacy]
FF Extension: (Video DownloadHelper) - C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-06-12]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\deviantart.xml [2016-03-28]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\google-images.xml [2011-08-11]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\imdb.xml [2011-06-06]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\isohunt--bt-search.xml [2015-07-04]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\lyrics-search.xml [2013-02-18]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\mapycz.xml [2013-03-11]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\mininova.xml [2011-06-06]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\sfd.xml [2011-06-06]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\slovnk-czen.xml [2011-06-06]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\slovnk-encz.xml [2011-06-06]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\thesaurus---referencecom.xml [2011-08-11]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\urban-dictionary.xml [2011-06-06]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\vyhledvn-vide-ve-slub-youtube.xml [2011-06-06]
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\byt57nf0.default\searchplugins\wikipedia-en---search.xml [2013-12-10]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: (Default Manager) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-01-21] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-06-23] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-06-23] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2017-03-16] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-05-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-05-02] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default [2019-01-22]
CHR Extension: (Překladač Google) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-20]
CHR Extension: (YouTube) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Torrent Turbo Search) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcdgomceilgkonhjheaijcmgfhabmpio [2013-07-07]
CHR Extension: (AdBlock) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-01-21]
CHR Extension: (Rozšíření Odběry RSS (od Googlu)) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2014-08-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07]
CHR Extension: (Auto-Translate) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\obgoiaeapddkeekbocomnjlckbbfapmk [2015-12-29]
CHR Extension: (Tumblr Savior) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\oefddkjnflmjbclpnnoegglmmdfkidip [2018-05-25]
CHR Extension: (Gmail) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-21]
CHR Extension: (RSS Feed Reader) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2019-01-10]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-05] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-07] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-05] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-07] (AVAST Software)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-08-13] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37304 2019-01-05] (AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-05] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [223056 2019-01-21] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-05] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-05] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-05] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239808 2019-01-05] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-05] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-05] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166792 2019-01-21] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-05] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-05] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-05] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-05] (AVAST Software)
S3 GEARAspiWDM; C:\Windows\SysWOW64\Drivers\GEARAspiWDM.sys [15664 2010-05-10] (GEAR Software Inc.)
S3 LTXMD_VAC; C:\Windows\System32\drivers\lmvac.sys [28944 2011-05-06] (Windows (R) Win 7 DDK provider)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2011-04-14] (Windows (R) 2003 DDK 3790 provider)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2008-01-09] (Sony Ericsson Mobile Communications)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Western Digital Technologies)
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-22 21:13 - 2019-01-22 21:14 - 000001184 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-01-22 21:13 - 2019-01-22 21:14 - 000001184 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-01-22 21:10 - 2019-01-22 21:10 - 002866663 _____ C:\Users\Lucinka\Downloads\záložky_22.01.19.html
2019-01-22 20:53 - 2019-01-22 21:07 - 000010211 _____ C:\Users\Lucinka\Desktop\Fixlog.txt
2019-01-22 20:03 - 2019-01-22 20:03 - 000000000 _____ C:\Windows\system32\last.dump
2019-01-22 19:24 - 2019-01-22 19:25 - 000064622 _____ C:\Users\Lucinka\Desktop\Addition.txt
2019-01-22 19:22 - 2019-01-22 21:20 - 000028923 _____ C:\Users\Lucinka\Desktop\FRST.txt
2019-01-22 19:21 - 2019-01-22 21:19 - 000000000 ____D C:\FRST
2019-01-22 19:20 - 2019-01-22 19:20 - 002428416 _____ (Farbar) C:\Users\Lucinka\Desktop\FRST64.exe
2019-01-22 19:01 - 2019-01-22 19:01 - 007320272 _____ (Malwarebytes) C:\Users\Lucinka\Downloads\adwcleaner_7.2.6.0.exe
2019-01-22 18:29 - 2019-01-22 18:29 - 002428416 _____ (Farbar) C:\Users\Lucinka\Downloads\Nepotvrzeno 88712.crdownload
2019-01-22 18:25 - 2019-01-22 18:29 - 001222144 _____ C:\Users\Lucinka\Downloads\RSITx64.exe
2019-01-21 22:32 - 2019-01-21 22:32 - 000223056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-01-21 22:31 - 2019-01-05 11:01 - 000361352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-01-20 23:28 - 2019-01-21 20:43 - 000009460 _____ C:\Users\Lucinka\Desktop\Sešit1 jhgg.xlsx
2019-01-19 21:40 - 2019-01-19 21:40 - 000610523 _____ C:\Users\Lucinka\Downloads\JoshLanyon.rar
2019-01-09 22:01 - 2019-01-09 22:02 - 018607613 _____ C:\Users\Lucinka\Downloads\HYYH NOTES [DATES].epub
2019-01-05 11:02 - 2019-01-05 11:00 - 000320888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-01-05 11:02 - 2019-01-05 11:00 - 000196264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-01-05 11:02 - 2019-01-05 11:00 - 000058160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-01-05 11:02 - 2019-01-05 11:00 - 000037304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-01-02 20:26 - 2019-01-02 20:26 - 008336193 _____ C:\Users\Lucinka\Downloads\_single___g_i_dle___hann__alone__by_akari_airi_12-dck8r81.zip
2019-01-02 20:24 - 2019-01-02 20:25 - 051527182 _____ C:\Users\Lucinka\Downloads\_g_i_dle___i_am_by_yazforevah-dcaphr8.zip
2018-12-27 23:22 - 2018-12-27 23:22 - 001194565 _____ C:\Users\Lucinka\Downloads\bb___27960.zip
2018-12-23 18:40 - 2018-12-23 18:41 - 004740523 _____ C:\Users\Lucinka\Downloads\sparAH.zip
2018-12-23 09:54 - 2018-12-23 09:54 - 000008866 _____ C:\Users\Lucinka\Desktop\Sešit1.xlsx

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-22 21:05 - 2017-10-09 19:58 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-01-22 21:05 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-01-22 19:29 - 2009-07-14 06:08 - 000032548 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-01-22 18:30 - 2012-09-27 10:29 - 000000000 ____D C:\Program Files\trend micro
2019-01-22 18:09 - 2011-06-06 18:33 - 000000000 ____D C:\Users\Lucinka\AppData\Roaming\uTorrent
2019-01-22 18:09 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-01-21 23:08 - 2011-06-06 15:42 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-01-21 22:43 - 2011-06-06 15:42 - 000000000 ____D C:\ProgramData\Adobe
2019-01-21 22:32 - 2018-06-23 19:45 - 000001963 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-01-21 22:32 - 2018-06-23 19:43 - 000166792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-21 22:32 - 2018-06-23 19:43 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-01-21 22:27 - 2018-04-24 20:54 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-01-21 22:27 - 2018-03-13 20:27 - 000004524 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-01-21 22:27 - 2012-09-26 20:44 - 000002776 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-01-21 22:27 - 2011-06-06 17:05 - 000003148 _____ C:\Windows\System32\Tasks\SidebarExecute
2019-01-21 22:27 - 2011-06-06 15:47 - 000003148 _____ C:\Windows\System32\Tasks\MirageAgent
2019-01-21 22:27 - 2011-06-06 15:33 - 000000000 ____D C:\Users\Lucinka
2019-01-21 22:27 - 2011-01-21 04:21 - 000003214 _____ C:\Windows\System32\Tasks\advSRS5
2019-01-21 22:27 - 2011-01-21 04:17 - 000003294 _____ C:\Windows\System32\Tasks\EasyBatteryManager
2019-01-21 22:27 - 2011-01-21 04:17 - 000003278 _____ C:\Windows\System32\Tasks\SmartRestarter
2019-01-21 22:27 - 2011-01-21 04:16 - 000003324 _____ C:\Windows\System32\Tasks\SamsungSupportCenter
2019-01-21 22:27 - 2011-01-21 04:16 - 000003238 _____ C:\Windows\System32\Tasks\MovieColorEnhancer
2019-01-21 22:27 - 2011-01-21 04:14 - 000003656 _____ C:\Windows\System32\Tasks\EasySpeedUpManager
2019-01-21 22:27 - 2011-01-21 04:14 - 000003224 _____ C:\Windows\System32\Tasks\EasyDisplayMgr
2019-01-21 22:27 - 2011-01-21 04:14 - 000002994 _____ C:\Windows\System32\Tasks\WifiManager
2019-01-21 22:27 - 2011-01-21 04:13 - 000003154 _____ C:\Windows\System32\Tasks\BatteryLifeExtender
2019-01-21 22:27 - 2011-01-21 04:00 - 000003624 _____ C:\Windows\System32\Tasks\SRS Premium Sound
2019-01-21 22:25 - 2015-12-03 22:48 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-01-21 22:25 - 2011-01-21 04:21 - 000000000 ____D C:\ProgramData\WinClon
2019-01-21 22:25 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration
2019-01-21 22:24 - 2011-06-06 19:27 - 000000000 __RHD C:\MSOCache
2019-01-21 21:26 - 2015-05-25 19:36 - 000007635 _____ C:\Users\Lucinka\AppData\Local\Resmon.ResmonCfg
2019-01-19 21:41 - 2018-11-17 19:00 - 000000000 ____D C:\Users\Lucinka\Downloads\!11 2018 books
2019-01-06 18:52 - 2011-01-21 21:45 - 000669116 _____ C:\Windows\system32\perfh005.dat
2019-01-06 18:52 - 2011-01-21 21:45 - 000141744 _____ C:\Windows\system32\perfc005.dat
2019-01-06 18:52 - 2009-07-14 06:13 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2019-01-05 11:01 - 2018-10-19 16:39 - 000042488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-01-05 11:01 - 2018-06-23 19:43 - 000474648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-01-05 11:01 - 2018-06-23 19:43 - 000380144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-01-05 11:01 - 2018-06-23 19:43 - 000239808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-01-05 11:01 - 2018-06-23 19:43 - 000218056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-01-05 11:01 - 2018-06-23 19:43 - 000203488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-01-05 11:01 - 2018-06-23 19:43 - 000111992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-01-05 11:01 - 2018-06-23 19:43 - 000088144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-01-05 11:01 - 2018-06-23 19:43 - 000046584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2019-01-05 11:00 - 2018-06-23 19:43 - 001034056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-01-04 17:52 - 2018-04-07 07:56 - 000002389 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-12-30 21:27 - 2018-06-10 18:51 - 000000000 ____D C:\Users\Lucinka\Downloads\bts
2018-12-30 21:27 - 2011-06-13 15:18 - 000000000 ____D C:\Users\Lucinka\AppData\Roaming\Mp3tag
2018-12-30 12:56 - 2018-04-07 07:52 - 000000000 ____D C:\Users\Lucinka\AppData\Local\AVAST Software
2018-12-27 18:26 - 2018-01-25 18:17 - 000000000 ____D C:\Users\Lucinka\Downloads\dokumenty uredni a ucty
2018-12-27 18:26 - 2015-01-08 20:37 - 000000000 ____D C:\Users\Lucinka\Downloads\kreativita
2018-12-27 18:26 - 2014-10-25 08:58 - 000000000 ____D C:\Users\Lucinka\Downloads\FOTO A OBRAZKY
2018-12-27 18:07 - 2011-09-26 18:12 - 000000000 ____D C:\Users\Lucinka\Downloads\xx roztrid xx
2018-12-24 20:22 - 2012-01-27 18:19 - 000000000 ____D C:\Users\Lucinka\Downloads\EBOOKS

==================== Files in the root of some directories =======

2015-05-25 19:36 - 2019-01-21 21:26 - 000007635 _____ () C:\Users\Lucinka\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-01-13 00:48

==================== End of FRST.txt ============================

[lynz]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.01.2019
Ran by Lucinka (22-01-2019 21:21:05)
Running from C:\Users\Lucinka\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-06-06 14:33:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3850606738-3580062740-2976655187-500 - Administrator - Disabled)
Guest (S-1-5-21-3850606738-3580062740-2976655187-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3850606738-3580062740-2976655187-1088 - Limited - Enabled)
Lucinka (S-1-5-21-3850606738-3580062740-2976655187-1001 - Administrator - Enabled) => C:\Users\Lucinka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Messenger“ pagalbinė priemonė (HKLM-x32\...\{7E274911-32ED-4489-9B04-4EF100D0E4D3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Essentials“ (HKLM-x32\...\{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (HKLM-x32\...\{2720009D-9566-45A7-A370-0E6DAC313F3F}) (Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis (HKLM-x32\...\{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}) (Version: 15.4.5722.2 - Microsoft Corporation)
„Windows Live Messenger“ (HKLM-x32\...\{122800FE-3AAF-4974-9FBD-54B023FA756A}) (Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (HKLM-x32\...\{C877E454-FA36-409A-A00E-1240CEC61BBD}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3 - )
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version: - )
Ashampoo Burning Studio 6 FREE v.6.81 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.1 - Ashampoo GmbH & Co. KG)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 70.1.973.110 - AVAST Software)
BatteryLifeExtender (HKLM-x32\...\{EA257ECF-5F72-4461-B890-959394DCD087}) (Version: 1.0.10 - Samsung)
Bing Rewards Client Installer (HKLM-x32\...\{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}) (Version: 16.0.345.0 - Microsoft Corporation) Hidden
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation)
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - )
CanoScan LiDE 70 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2411) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.49 - Piriform)
Complément Messenger (HKLM-x32\...\{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Complemento Messenger (HKLM-x32\...\{3A09ED0F-8DDF-47BB-B53D-841AB9D1D3A7}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM-x32\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3509 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
DivX Setup (HKLM\...\DivX Setup) (Version: 3.0.0.224 - DivX, LLC)
Doplnok programu Messenger (HKLM-x32\...\{6D2F0A26-ECEA-49CE-833C-9A6125F3D5E8}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0 - Samsung Electronics Co., LTD)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0.0.5 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{FCF2085E-ABE5-4AA8-B07C-65BBD56DA243}) (Version: 4.4.6 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.1.1 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
EasyFileShare (HKLM-x32\...\{EA76E65F-6679-495A-A8A6-42AD6602ED4C}) (Version: 1.0.11 - Samsung)
Fast Start (HKLM-x32\...\{77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}) (Version: 2.2.0.0 - SAMSUNG)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
FormatFactory 2.70 (HKLM-x32\...\FormatFactory) (Version: 2.70 - Free Time)
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.17.5274 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
High-Logic FontCreator 6.5 (HKLM-x32\...\FontCreator6_is1) (Version: - High-Logic B.V.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
IrfanView 4.44 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.44 - Irfan Skiljan)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java(TM) 6 Update 39 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216039FF}) (Version: 6.0.390 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Jazz Jackrabbit 2 (HKLM-x32\...\Jazz Jackrabbit 2) (Version: - )
Jpeg Resampler Vs 6+ (HKLM-x32\...\JpegResampler2010_is1) (Version: - Jpeg Resampler)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 7.1.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.1.0 - )
Kontrola Windows Live Mesh ActiveX za daljinske veze (HKLM-x32\...\{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}) (Version: 15.4.5722.2 - Microsoft Corporation)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Assistent (HKLM-x32\...\{56D42B00-572C-4AE9-BCFB-CD45A3B5D0E1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{066219C8-4BE6-46D7-9E01-60FCFA6B32DC}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{082E37F5-3924-4168-A69A-1B6B1FEA587C}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{3889988F-762B-4B85-AB17-71C9CC3AE445}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{6DD3B54B-F0D0-4A69-8344-F52033225A02}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{781E0319-15CD-4A4C-A47E-D9FFF697E7A1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{8142D25E-028A-4563-86ED-5755783C8029}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{847C879C-1467-4924-A491-1302B4C58F70}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{939C80FA-96C9-44A6-B318-8E7D8BD8481B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{96403552-88D1-429F-9C92-388B814B885E}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{B44F3823-52DD-45CA-A916-8B320778715D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{C7DAD22D-29D4-438F-B986-03B9ED582EA4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{D4F81B27-4054-4AD6-A588-265508BAA17C}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{D58E381C-DE02-46A9-B9D1-A2CB807D2676}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger kísérő (HKLM-x32\...\{F3ECEB0A-82A0-4DB9-BB44-393A66BA0871}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Pratilac (HKLM-x32\...\{902585EB-8FA3-43A5-AD1C-5C9821A77114}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Suradnik (HKLM-x32\...\{3FD1CB9F-807F-451B-926C-9D19C84CFC61}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger 사이트 공유 (HKLM-x32\...\{AB067785-9646-456B-91C3-E71228132A4C}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger 分享元件 (HKLM-x32\...\{CF088261-BC81-4FB9-9BA0-7B5B9602D01A}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger 浏览器插件 (HKLM-x32\...\{7F061FA8-5A87-4758-876B-17EE28B358D0}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger-kumppani (HKLM-x32\...\{D657CCB5-9F2F-4D3C-B93D-F77EBEF79B66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office 2010 pro studenty a domácnosti (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MKVToolNix 5.3.0 (HKLM-x32\...\MKVToolNix) (Version: 5.3.0 - Moritz Bunkus)
Movie Color Enhancer (HKLM-x32\...\{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Mozilla Firefox 60.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 60.0.2 (x64 cs)) (Version: 60.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 60.0.2.6730 - Mozilla)
Mp3tag v2.50 (HKLM-x32\...\Mp3tag) (Version: v2.50 - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 267.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.54 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ovládací panel NVIDIA 267.54 (HKLM\...\{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 267.54 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
Philips Songbird (HKLM-x32\...\Philips Songbird) (Version: 2.6.1 Build: 6.1.2265 - Koninklijke Philips Electronics N.V.)
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pomocnik Messenger (HKLM-x32\...\{BD8DA595-F501-4ABE-85A0-5C23E82472A0}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.33.1125.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6257 - Realtek Semiconductor Corp.)
Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 1.1.21.0 - Samsung Electronics Co., Ltd.)
Samsung AnyWeb Print (HKLM-x32\...\{6C016AC4-0282-4C82-B12F-3D5910DA7319}) (Version: 1.0 - Samsung Electronics Co., Ltd.) Hidden
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.0.8 - Samsung)
Samsung Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.38 - Samsung)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.01.06.00:16 - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.1.0 - Samsung Electronics Co., Ltd.)
Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.1.17 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.6.201305161305 - Sony Ericsson Communications AB)
Spremljevalec Messenger (HKLM-x32\...\{F14F9EE9-9B68-42B4-90F7-0924F7619281}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
SRS Premium Sound Control Panel (HKLM\...\{2998191E-A35E-47E2-BE38-7702C731D722}) (Version: 1.10.1000 - SRS Labs, Inc.)
Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version: - )
Sudoku UltiMate 2.3 (HKLM-x32\...\Sudoku UltiMate_is1) (Version: - Pavel Zykán)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.22.0 - Synaptics Incorporated)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.14327 - TeamViewer)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7000 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX kontrola za daljinske veze (HKLM-x32\...\{8985AE5E-622A-4980-8BF8-0A1830643220}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem (HKLM-x32\...\{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Компаньон Messenger (HKLM-x32\...\{3705D53F-BB01-4BEE-8585-289E71CAC4B4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Помощник на Messenger (HKLM-x32\...\{FEA0181F-3758-46DA-B7EC-F3CDFA7E0CE7}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
מסייע Messenger (HKLM-x32\...\{AB5977C5-11AE-4003-BA7D-261C48F2BC35}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ตัวควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย) (HKLM-x32\...\{A2EDAEEB-C981-46D5-8163-CF8F5F640EEE}) (Version: 15.4.5722.2 - Microsoft Corporation)
원격 연결을 위한 Windows Live Mesh ActiveX 컨트롤 (HKLM-x32\...\{61920449-0393-4707-B7DD-E6C0013C8B2C}) (Version: 15.4.5722.2 - Microsoft Corporation)
用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文) (HKLM-x32\...\{F992409C-9D10-4AE2-BAEB-B5409AD3785E}) (Version: 15.4.5722.2 - Microsoft Corporation)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3850606738-3580062740-2976655187-1001_Classes\CLSID\{052DB226-BE3B-44D4-B932-9C8049B2110B}\InprocServer32 -> C:\Users\Lucinka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\VolumeGadget.gadget\dlls\VolumeControl64.dll (Indev)
CustomCLSID: HKU\S-1-5-21-3850606738-3580062740-2976655187-1001_Classes\CLSID\{89BB4535-5AE9-43a0-89C5-19B4697E5C5E}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-05] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-05] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-05] (AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2014-04-09] (Piriform Ltd)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FreeTime\FormatFactory\ShellEx64_100.dll [2011-06-17] (Free Time)
ContextMenuHandlers1-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\Program Files (x86)\JpegResampler2010\JRcm.dll [2010-08-18] ()
ContextMenuHandlers1-x32: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResampler2010\JRcm64.dll [2010-09-06] ()
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-05] (AVAST Software)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FreeTime\FormatFactory\ShellEx64_100.dll [2011-06-17] (Free Time)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2011-03-06] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-05] (AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2014-04-09] (Piriform Ltd)
ContextMenuHandlers6-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\Program Files (x86)\JpegResampler2010\JRcm.dll [2010-08-18] ()
ContextMenuHandlers6-x32: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResampler2010\JRcm64.dll [2010-09-06] ()
ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0342C578-E307-4E48-A195-199FDCE2A53F} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-11-10] (CyberLink)
Task: {39E94ECC-112B-4F09-9EE4-BD38F258D55D} - System32\Tasks\WifiManager => C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe [2010-11-28] (Samsung Electronics Co., Ltd.)
Task: {521B7D8E-C469-4DA1-B797-D695C9BD1062} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-07] (AVAST Software)
Task: {6320C4A1-C223-4E59-920A-38634B946F72} - System32\Tasks\EasySpeedUpManager => Command(1): "%programfiles(x86)%\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe" -> /s
Task: {6320C4A1-C223-4E59-920A-38634B946F72} - System32\Tasks\EasySpeedUpManager => Command(2): C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2010-02-10] (Samsung Electronics Co., Ltd.)
Task: {7B30EE0D-E7B9-436D-8A65-E30A371514CF} - System32\Tasks\CCleanerSkipUAC => C:\PROGRAM FILES\CCLEANER\CCLEANER.EXE [2018-11-06] (Piriform Software Ltd)
Task: {8AC49D1F-74B9-4B31-B2E3-AD0F43233897} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {947E68AF-8FA1-4EBD-9797-8E84668FAD00} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-06] (Piriform Ltd)
Task: {9B72E3DD-B0E5-47B3-93BC-0E95E17CE07F} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-09-04] (SAMSUNG Electronics)
Task: {A2D07A01-6315-45E7-BD6F-B5F3DDB75528} - System32\Tasks\SmartRestarter => C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2010-08-05] (Samsung Electronics Co., Ltd.)
Task: {A5E2EB9E-2B1E-4712-980E-1C2CCE1F515A} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [2010-08-19] (Samsung Electronics Co., Ltd.)
Task: {A7C892DC-CBF3-4DBA-A074-0FCD2000521A} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-07] (AVAST Software)
Task: {AA6E997F-855F-434B-B04C-DB9AE364F697} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2010-11-17] (SEC)
Task: {BEFC2918-CB2B-4109-987D-E6626B80E093} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-11-28] (Samsung Electronics Co., Ltd.)
Task: {C05843EA-FE56-41E5-AAE7-E518B87DAF76} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-11-05] (AVAST Software)
Task: {C2C9BC4B-A58B-4A8E-83E7-46496A72A1C1} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-01] (Samsung Electronics. Co. Ltd.)
Task: {CFB9AF13-9A24-46D3-8EDE-ACA968526366} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-05] (AVAST Software)
Task: {D8BF3B55-BBFF-40A1-BEF5-A834BDD01351} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-05053A95\EPM.exe
Task: {DED9F1B8-9CAD-4FA8-AEB4-977B7ECB78B7} - System32\Tasks\{D29F3714-0AA5-4F52-A084-179327AF66E6} => C:\Windows\system32\pcalua.exe -a C:\Users\Lucinka\Downloads\iview428_setup.exe -d C:\Users\Lucinka\Downloads
Task: {E79AAC0D-0DA5-49F8-A548-359B007B9BB8} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_Plugin.exe [2018-06-23] (Adobe Systems Incorporated)
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Adobe Flash Player NPAPI Notifier" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\advSRS5" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\BatteryLifeExtender" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\DivXUpdate" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\EasyBatteryManager" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\EasyDisplayMgr" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\EasySpeedUpManager" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\MirageAgent" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\MovieColorEnhancer" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\SamsungSupportCenter" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\SidebarExecute" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\SmartRestarter" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\SRS Premium Sound" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\SUPBackground" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\WifiManager" /ENABLE
Task: {ECADCB0F-65DF-45AC-BC7E-55FE7E25CD30} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(21): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {F190E6DB-6B39-4792-BFB0-F8759676F185} - System32\Tasks\SRS Premium Sound => C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel_64.exe [2010-11-29] (SRS Labs, Inc.)
Task: {F1D7D9B4-9968-4F0B-810F-ED91DF1C2F64} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_pepper.exe [2018-06-22] (Adobe Systems Incorporated)
Task: {FD3CE2CC-85C4-4D6A-8C26-E38E44C9B4AE} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-07-20] (SAMSUNG Electronics co., LTD.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-01-05 11:01 - 2019-01-05 11:01 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-01-22 19:17 - 2019-01-22 19:17 - 006937744 _____ () C:\Program Files\AVAST Software\Avast\defs\19012204\algo64.dll
2019-01-05 11:01 - 2019-01-05 11:01 - 000550792 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2019-01-05 11:01 - 2019-01-05 11:01 - 001175944 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2019-01-05 11:01 - 2019-01-05 11:01 - 001967496 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2011-06-23 21:54 - 2005-03-11 23:07 - 000087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2011-06-06 15:43 - 2008-06-05 00:53 - 000027648 _____ () C:\Windows\System32\spd__l.dll
2011-01-21 04:08 - 2009-12-01 08:21 - 000244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2011-06-06 15:43 - 2010-04-21 00:44 - 000719872 _____ () C:\Windows\system32\SnMinDrv.dll
2011-06-07 13:41 - 2011-05-28 21:05 - 000164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2012-05-14 12:34 - 2010-09-06 17:21 - 000538435 _____ () C:\Program Files (x86)\JpegResampler2010\JRcm64.dll
2012-06-09 12:15 - 2012-06-09 12:14 - 000380416 _____ () C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
2019-01-05 11:01 - 2019-01-05 11:01 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-12-19 16:36 - 2018-12-12 06:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-19 16:36 - 2018-12-12 06:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2018-11-06 17:14 - 2018-11-06 17:14 - 000090576 _____ () C:\PROGRAM FILES\CCLEANER\lang\lang-1029.dll
2011-01-21 04:13 - 2006-08-12 04:48 - 000049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
2011-01-21 04:21 - 2010-05-07 15:22 - 001636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
2011-01-21 04:16 - 2010-07-05 11:42 - 000203776 _____ () C:\Program Files (x86)\Samsung\Movie Color Enhancer\WinCRT.dll
2009-11-02 06:20 - 2009-11-02 06:20 - 000619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 06:23 - 2009-11-02 06:23 - 000013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-01-22 18:30 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\WIDCOMM\Bluetooth Software;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\MKVToolNix;C:\Program Files (x86)\Skype\Phone\
HKU\S-1-5-21-3850606738-3580062740-2976655187-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lucinka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: wuauserv => 2

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{39009407-C230-4747-B2FA-9DC51185399C}] => (Allow) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10.exe (CyberLink Corp.)
FirewallRules: [{A302EB01-2AE2-4941-B2AD-AB6115CF9054}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE (CyberLink Corp.)
FirewallRules: [{9197CB4A-F8BA-4773-963F-79EA69F5A69E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
FirewallRules: [{7D4AB563-DE14-429F-B216-5DEA1E3E971F}] => (Allow) LPort=2869
FirewallRules: [{5D8273DE-7F17-4F33-8FB4-94B67BD434CC}] => (Allow) LPort=1900
FirewallRules: [{4579C15C-2FBD-4AC6-A8E7-2AE6176AC19B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
FirewallRules: [{B36022DA-9EC6-448F-849F-9158620D7257}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation)
FirewallRules: [{A78FD4DC-1394-4672-85B1-C022BF01A955}] => (Allow) C:\Windows\System32\SUPDSvc.exe (Samsung Electronics CO., LTD.)
FirewallRules: [{F539C6BC-4882-4057-9A4F-468406FA80F6}] => (Allow) C:\Windows\System32\SUPDSvc.exe (Samsung Electronics CO., LTD.)
FirewallRules: [{C3353E64-9AB7-4259-9E7F-4052593C0CA2}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe (Samsung Electronics Co., Ltd.)
FirewallRules: [{EB945000-20D5-46C9-8D5A-C4833CEF8693}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe (Samsung Electronics Co., Ltd.)
FirewallRules: [{69CF6EE0-E6CC-4B33-9D9C-64DB918DFC53}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe (Samsung Electronics Co., Ltd.)
FirewallRules: [{A615AF9D-5F3A-417D-9B6B-1DFAACE52C13}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe (Samsung Electronics Co., Ltd.)
FirewallRules: [{40C94204-2135-4CE9-8FCE-15EE9DFB88F2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{52B46326-E7ED-449B-8230-6E0AE62CCF48}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{62CF71D8-835A-46BC-A9B4-3A672D064242}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{D6EBEDDD-8BE1-45CA-86F6-6EFF35EC5996}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
FirewallRules: [{ABAE1873-B910-4F1D-848E-5666D87151B6}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
FirewallRules: [{E55D619E-26B0-4F04-811D-181F56A71639}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
FirewallRules: [{B9806F68-C7C0-4D6E-8152-0778F1D95434}] => (Allow) C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
FirewallRules: [TCP Query User{DE742388-DCB4-4301-B2B4-5B54B3C68216}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google Inc.)
FirewallRules: [UDP Query User{ACC3EB82-9610-402C-9601-08839D311FD7}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google Inc.)
FirewallRules: [{7C44880B-837E-4F21-987D-F14139BE3E24}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe ()
FirewallRules: [{CD752EBD-233D-4E3B-989A-FFCE5EB61CC0}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe ()
FirewallRules: [{8D74281E-0EB9-4123-B19C-E88E472F8149}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{71DE6E69-EFE8-441F-970F-F3BA63C9E35B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{585CA7AF-6D22-43B5-9D76-E79EAB4CF620}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{1A5CD6DA-12AE-4A71-84C9-49CDCEFA8BB6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{D81EEF29-C162-42D0-B341-E64297CEF31A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{40E217F8-56E1-4A87-BDD1-40C6FF9539C2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{6CD1B5C1-265E-4A85-8E16-EE69148A46E6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{215DB667-280C-4690-9386-861B976A42E3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{08F1DE29-A519-440D-93F2-DE64CD457B3B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{D9562C14-F714-461F-9DEA-B3CD5C992CBB}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software)
FirewallRules: [{5333334D-0FCE-4E2D-9889-58561A4F2385}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{AE86A34D-0C33-4EAD-80BF-1FD7027E3FFE}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)

==================== Restore Points =========================

25-08-2018 14:33:05 Naplánovaný kontrolní bod
13-09-2018 00:23:36 Naplánovaný kontrolní bod
26-09-2018 22:42:31 Naplánovaný kontrolní bod
08-10-2018 23:02:44 Naplánovaný kontrolní bod
17-10-2018 23:06:06 Naplánovaný kontrolní bod
24-10-2018 23:20:34 Naplánovaný kontrolní bod
01-11-2018 00:39:48 Naplánovaný kontrolní bod
09-11-2018 22:37:49 Naplánovaný kontrolní bod
18-11-2018 01:40:40 Naplánovaný kontrolní bod
25-11-2018 23:56:44 Naplánovaný kontrolní bod
04-12-2018 23:09:41 Naplánovaný kontrolní bod
14-12-2018 23:11:04 Naplánovaný kontrolní bod
24-12-2018 00:25:39 Naplánovaný kontrolní bod
31-12-2018 19:04:51 Naplánovaný kontrolní bod
13-01-2019 00:06:06 Naplánovaný kontrolní bod
21-01-2019 22:14:27 Operace obnovení

==================== Faulty Device Manager Devices =============

Name: Broadcom BCM2070 Bluetooth 3.0 + HS USB Device
Description: Broadcom BCM2070 Bluetooth 3.0 + HS USB Device
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/22/2019 09:13:55 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (01/22/2019 07:00:17 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (01/22/2019 06:24:29 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/22/2019 06:24:29 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/22/2019 06:24:29 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/22/2019 06:24:29 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)

Error: (01/22/2019 06:24:19 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/22/2019 06:24:19 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800) (0xc0041800)


System errors:
=============
Error: (01/22/2019 09:12:34 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.

Error: (01/22/2019 09:11:36 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby LanmanServer bylo dosaženo časového limitu (30000 ms).

Error: (01/22/2019 09:11:04 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby LanmanServer bylo dosaženo časového limitu (30000 ms).

Error: (01/22/2019 09:09:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Protokol PNRP (Peer Name Resolution Protocol) závisí na službě Správce identit sítě rovnocenných počítačů, která neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/22/2019 09:09:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Seskupování v sítích peer-to-peer závisí na službě Správce identit sítě rovnocenných počítačů, která neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/22/2019 09:09:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Správce identit sítě rovnocenných počítačů neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/22/2019 09:09:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Správce identit sítě rovnocenných počítačů bylo dosaženo časového limitu (30000 ms).

Error: (01/22/2019 09:08:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Microsoft .NET Framework NGEN v4.0.30319_X64 bylo dosaženo časového limitu (30000 ms).


Windows Defender:
===================================
Date: 2014-03-15 03:26:57.998
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{B3C9CDE0-72CD-45BE-AF95-A75507B1EE0D}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2013-12-08 12:55:12.554
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{FCA8D655-0FB3-471C-84EF-68CDAF1E5D34}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2012-10-25 18:06:15.678
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

CodeIntegrity:
===================================

Date: 2012-09-27 23:27:30.777
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-09-27 23:27:30.679
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-09-27 23:27:30.582
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-09-27 23:27:30.484
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-09-27 23:21:28.468
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-09-27 23:21:28.369
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-09-27 23:21:28.269
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-09-27 23:21:28.172
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 57%
Total physical RAM: 3956.56 MB
Available physical RAM: 1666.34 MB
Total Virtual: 7911.31 MB
Available Virtual: 5167.51 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:178 GB) (Free:18.08 GB) NTFS
Drive d: () (Fixed) (Total:265.61 GB) (Free:46.41 GB) NTFS

\\?\Volume{ecd84245-2597-11e0-ba9b-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS
\\?\Volume{21f120a5-66c5-11e0-a3d4-806e6f6e6963}\ (SAMSUNG_REC) (Fixed) (Total:22.05 GB) (Free:0.94 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 8E39AC28)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=178 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=265.6 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=22 GB) - (Type=27)

==================== End of Addition.txt ============================

[Diallix]

Provedu, jen mi tu teď vyskočilo tohle okno viz přiložený obrázek.
Předpokládám, že to souvisí s tím co se teď opravovalo?

Nemazali sme ziadne systemove subory.

Pokracujte tlacidlom Zavrit.

[Diallix]

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION

Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.

[lynz]

Teď mi tu vyskočilo ještě tohle. Mám tam zadat ten kód teď anebo až po tom fixu a restartu?