Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logu zda se mi počitač pomalý

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Ondra1063
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 20 bře 2019 14:30

Prosím o kontrolu logu zda se mi počitač pomalý

#1 Příspěvek od Ondra1063 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by matus (administrator) on DESKTOP-QCNA7PB (20-03-2019 14:26:33)
Running from C:\Users\matus\Downloads
Loaded Profiles: matus (Available Profiles: matus)
Platform: Windows 10 Home Version 1803 17134.590 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Elgato Systems -> Elgato Systems GmbH) C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe
(AVerMedia) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
() [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() [File not signed] C:\Program Files\D-Link\SharePort Plus\Spnuhelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Western Digital Techologies -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19021.10411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\matus\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Seznam.cz, a.s. -> ) C:\Users\matus\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
(Seznam.cz, a.s. -> ) C:\Users\matus\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
() [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(Nikon Corporation) [File not signed] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe
(AVerMedia TECHNOLOGIES, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(D-LINK CORPORATION -> D-Link Corp.) C:\Program Files\D-Link\SharePort Plus\SharePortPlus.exe
(ShareX Team) [File not signed] C:\Program Files\ShareX\ShareX.exe
(Power Technology -> ) [File not signed] C:\Program Files (x86)\DFX\DFX.exe
(Power Technology -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
(Power Technology -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.580_none_ead976921d8220dc\TiWorker.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [177928 2019-03-18] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843520 2016-01-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [588288 2016-01-08] (Nikon Corporation) [File not signed]
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2309008 2017-11-14] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [DFX] => C:\Program Files (x86)\DFX\DFX.exe [1325240 2018-11-20] (Power Technology -> ) [File not signed]
HKLM-x32\...\Run: [Remote Control Editor] => C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTVRC.exe
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-618738485-2318971794-796116561-1001\...\Run: [BDFE749FBD481E3AA828287100E5863D96D31C94._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1708016 2019-03-01] (Google LLC -> Google Inc.)
HKU\S-1-5-21-618738485-2318971794-796116561-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\matus\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-618738485-2318971794-796116561-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\matus\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-618738485-2318971794-796116561-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [752736 2012-10-08] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-618738485-2318971794-796116561-1001\...\Run: [Copernic.Utils] => "C:\Program Files (x86)\Copernic\DesktopSearch4\Copernic.DesktopSearch.exe" /tray
HKU\S-1-5-21-618738485-2318971794-796116561-1001\...\MountPoints2: {66e3cd4a-74e1-11e8-a507-e09467f6a030} - "E:\TOPSTART.EXE"
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Drivers32: [vidc.pDAD] => C:\WINDOWS\system32\prodad-codec.dll [607256 2017-08-02] (proDAD GmbH -> proDAD GmbH)
HKLM\...\Drivers32: [vidc.divx] => C:\Windows\SysWOW64\divx.dll [680960 2003-11-11] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.div4] => C:\Windows\SysWOW64\DivXc32f.dll [121920 2003-04-22] (Pinky.cz) [File not signed]
HKLM\...\Drivers32: [vidc.div3] => C:\Windows\SysWOW64\DivXc32.dll [121920 2003-04-21] (build Pinky.cz) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvid.dll [202752 2003-07-16] () [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2003-07-29] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.divxa] => C:\Windows\SysWOW64\divxa32.acm [290896 2003-04-21] (build Pinky.cz) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\Vorbis.acm [209408 2001-06-22] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [msacm.a3d] => C:\Windows\SysWOW64\a3d.dll [720896 2002-08-27] (Sensaura Ltd) [File not signed]
HKLM\...\Drivers32: [msacm.ogg] => C:\Windows\SysWOW64\ogg.dll [21504 2002-10-05] () [File not signed]
HKLM\...\Drivers32: [msacm.vorbisenc] => C:\Windows\SysWOW64\vorbisenc.dll [80384 2002-10-05] () [File not signed]
HKLM\...\Drivers32: [msacm.l3codecp] => C:\WINDOWS\SysWOW64\l3codecp.acm [190464 2018-04-12] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-05] (Google LLC -> Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2017-10-10]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2017-10-10]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
Startup: C:\Users\matus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\D5Tq84ha3NXEFA6gGAxT.vbs [2018-08-21] () [File not signed]
Startup: C:\Users\matus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SharePort Plus.lnk [2017-09-06]
ShortcutTarget: SharePort Plus.lnk -> C:\Program Files\D-Link\SharePort Plus\SharePortPlus.exe (D-LINK CORPORATION -> D-Link Corp.)
Startup: C:\Users\matus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2018-07-07]
ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team) [File not signed]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0a108eec-fd3e-4a94-8677-90324982d730}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1193c1da-f4e5-4664-a9a4-23db8fe0718a}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{93d62c76-7eed-4d4c-bfe4-f830274b5da6}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKU\S-1-5-21-618738485-2318971794-796116561-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {30686DEB-515D-46C0-B0D8-8726DF6338F5} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {3B643E45-577D-4C75-915C-F48D414579A9} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {54754879-37DE-4536-BACF-3CEB4BC27FD6} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {664D19B2-4AFF-4D98-B49D-BC73D6BB1495} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {792D1508-C90A-4215-BCEE-C54EA20FF27A} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {9B8B8650-9645-44F3-977D-2F0D74CAF39B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {A77523C8-FEFB-4F7A-BED8-E21D138B07D9} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {C37E0712-D9E4-4F45-99EE-1AF7B81BD2FB} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {D919801A-30B5-4B97-B614-3375D3979CF9} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-22] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-22] (Google Inc -> Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR Profile: C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default [2019-03-20]
CHR Extension: (Prezentace) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-13]
CHR Extension: (Seznam doplněk - Email) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2019-02-14]
CHR Extension: (YouTube) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-13]
CHR Extension: (Tabulky) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2019-02-14]
CHR Extension: (Gmail) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-13]
CHR Extension: (Chrome Media Router) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-14]
CHR Profile: C:\Users\matus\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-02-14]
CHR Profile: C:\Users\matus\AppData\Local\Google\Chrome\User Data\System Profile [2019-02-14]
CHR HKU\S-1-5-21-618738485-2318971794-796116561-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-618738485-2318971794-796116561-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch4\ChromeConnector\ChromeConnector.crx <not found>
CHR HKU\S-1-5-21-618738485-2318971794-796116561-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [264224 2015-10-08] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [368640 2013-06-26] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [772096 2013-08-16] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11129928 2019-03-06] (Microsoft Corporation -> Microsoft Corporation)
R2 D-Link SharePort Plus Helper; C:\Program Files\D-Link\SharePort Plus\Spnuhelper.exe [49152 2011-03-25] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-03-18] (ESET, spol. s r.o. -> ESET)
R2 EyeTV Netstream; C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe [400864 2013-04-15] (Elgato Systems -> Elgato Systems GmbH)
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [541896 2018-07-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016 2016-01-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [524632 2018-03-26] (Western Digital Techologies -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4403496 2019-01-09] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP Inc. -> HP)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [21653520 2015-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [683032 2015-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [91400 2015-10-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 amdpsp; C:\WINDOWS\system32\DRIVERS\amdpsp.sys [239976 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2016-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 AVerFx2hbtv64; C:\WINDOWS\system32\drivers\AVerFx2hbtv64.sys [512512 2009-12-08] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
S3 AVerPola; C:\WINDOWS\system32\DRIVERS\AVerPola.sys [871048 2016-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
S3 CYDTV_SRV; C:\WINDOWS\system32\drivers\cydtv.sys [986752 2017-04-10] (Shenzhen Geniatech Technology LTD. -> )
R3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [39048 2015-11-15] (Power Technology -> Windows (R) Win 7 DDK provider)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [145600 2019-03-18] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107744 2019-03-18] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-02-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188240 2019-03-18] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50752 2017-05-04] (ESET, spol. s r.o. -> ESET)
S4 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [78192 2017-05-04] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [110000 2019-03-18] (ESET, spol. s r.o. -> ESET)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP Inc. -> HP)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8623128 2018-04-04] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-10-08] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [56336 2013-08-14] (Corel Corporation -> Corel Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-29] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [53848 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
R2 sxuptp; C:\WINDOWS\System32\drivers\sxuptp.sys [317792 2015-09-03] (D-LINK CORPORATION -> silex technology, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35568 2018-08-31] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-20 14:26 - 2019-03-20 14:27 - 000025859 _____ C:\Users\matus\Downloads\FRST.txt
2019-03-20 14:26 - 2019-03-20 14:26 - 000000000 ____D C:\FRST
2019-03-20 14:25 - 2019-03-20 14:25 - 002434048 _____ (Farbar) C:\Users\matus\Downloads\FRST64.exe
2019-03-20 14:20 - 2019-03-20 14:20 - 000000000 ___HD C:\OneDriveTemp
2019-03-18 15:21 - 2019-03-18 15:21 - 000002559 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-03-18 15:21 - 2019-03-18 15:21 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-03-18 15:21 - 2019-03-18 15:21 - 000002530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-03-18 15:21 - 2019-03-18 15:21 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-03-18 15:21 - 2019-03-18 15:21 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-03-18 15:21 - 2019-03-18 15:21 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-03-18 15:21 - 2019-03-18 15:21 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-03-18 15:21 - 2019-03-18 15:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-03-18 15:00 - 2019-03-18 15:10 - 1100651337 _____ C:\Users\matus\Downloads\Johny English znovu zasahuje 2018 CZ dabing od LUCII.mkv
2019-03-18 14:59 - 2019-03-18 15:11 - 1074605062 _____ C:\Users\matus\Downloads\Johny English 3 znovu zasahuje 2018 CZ dabing.avi
2019-03-06 10:32 - 2019-03-06 10:32 - 000014928 _____ C:\Users\matus\Downloads\Puriny-rozdělení.xlsx
2019-02-27 17:16 - 2019-02-27 17:18 - 000000000 ____D C:\3
2019-02-25 18:25 - 2019-02-25 18:25 - 000002274 _____ C:\Users\Public\Desktop\CyberLink WaveEditor 2.lnk
2019-02-25 18:25 - 2019-02-25 18:25 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink WaveEditor 2
2019-02-25 18:24 - 2019-02-25 18:25 - 000000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2019-02-25 18:24 - 2019-02-25 18:24 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Screen Recorder 16.lnk
2019-02-25 18:24 - 2019-02-25 18:24 - 000002136 _____ C:\Users\Public\Desktop\CyberLink Screen Recorder 16.lnk
2019-02-25 18:24 - 2019-02-25 18:24 - 000002065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 16 (64-bit).lnk
2019-02-25 18:24 - 2019-02-25 18:24 - 000002053 _____ C:\Users\Public\Desktop\CyberLink PowerDirector 16 (64-bit).lnk
2019-02-25 18:24 - 2019-02-25 18:24 - 000000000 ____D C:\Users\matus\AppData\Roaming\proDAD
2019-02-25 18:24 - 2019-02-25 18:24 - 000000000 ____D C:\ProgramData\proDAD
2019-02-25 18:24 - 2019-02-25 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2019-02-25 18:24 - 2019-02-25 18:24 - 000000000 ____D C:\Program Files\proDAD
2019-02-25 18:24 - 2019-02-25 18:24 - 000000000 ____D C:\Program Files\NewBlue
2019-02-25 18:24 - 2019-02-25 18:24 - 000000000 ____D C:\Program Files\Common Files\NewBlue
2019-02-25 18:24 - 2019-02-25 18:24 - 000000000 ____D C:\Program Files (x86)\NewBlue
2019-02-25 18:24 - 2017-08-02 03:14 - 000607256 _____ (proDAD GmbH) C:\WINDOWS\system32\prodad-codec.dll
2019-02-25 18:24 - 2017-08-02 03:14 - 000376344 _____ (proDAD GmbH) C:\WINDOWS\system32\proDAD-PA-Support.dll
2019-02-25 18:23 - 2019-02-25 18:25 - 000000000 ____D C:\Program Files (x86)\CyberLink
2019-02-25 18:21 - 2019-02-25 18:25 - 000000000 ____D C:\ProgramData\SUPPORTDIR

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-20 14:25 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-03-20 14:21 - 2018-11-29 16:51 - 000000000 ____D C:\Program Files\rempl
2019-03-20 14:20 - 2018-06-19 15:12 - 000000000 ____D C:\Users\matus\AppData\Roaming\Seznam.cz
2019-03-20 14:20 - 2017-08-13 15:48 - 000000000 ___RD C:\Users\matus\OneDrive
2019-03-20 14:19 - 2018-05-26 08:56 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-20 14:19 - 2018-04-12 16:50 - 000716276 _____ C:\WINDOWS\system32\perfh005.dat
2019-03-20 14:19 - 2018-04-12 16:50 - 000144534 _____ C:\WINDOWS\system32\perfc005.dat
2019-03-20 14:19 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-03-20 14:15 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-20 14:15 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-03-20 14:14 - 2018-05-26 08:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-20 14:14 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-20 14:07 - 2017-08-14 17:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-03-20 14:06 - 2018-05-26 08:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-18 15:20 - 2017-08-13 16:05 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-03-18 15:15 - 2017-08-14 17:01 - 127411920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-03-18 14:59 - 2017-06-22 15:01 - 000145600 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2019-03-18 14:59 - 2017-05-04 12:18 - 000188240 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2019-03-18 14:59 - 2017-05-04 12:18 - 000110000 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2019-03-18 14:59 - 2017-05-04 12:18 - 000107744 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2019-03-06 15:51 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-03-06 15:51 - 2017-08-13 15:50 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-03-06 12:30 - 2017-08-13 16:30 - 000000000 ____D C:\Users\matus\AppData\Local\GHISLER
2019-03-06 10:32 - 2017-11-27 09:37 - 000000000 ____D C:\Users\matus\AppData\Local\Packages
2019-03-05 12:35 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-03-05 12:17 - 2017-08-13 15:55 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-05 12:17 - 2017-08-13 15:55 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-03-03 17:54 - 2018-04-12 00:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-03-03 17:54 - 2018-04-12 00:41 - 000179608 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-03 14:28 - 2018-05-26 08:56 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-618738485-2318971794-796116561-1001
2019-03-03 14:28 - 2018-05-26 08:48 - 000002432 _____ C:\Users\matus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-25 18:28 - 2017-09-15 11:07 - 000000000 ____D C:\Users\Public\CyberLink
2019-02-25 18:28 - 2017-09-06 13:19 - 000000000 ____D C:\Users\matus\Documents\CyberLink
2019-02-25 18:27 - 2017-09-15 10:59 - 000000000 ____D C:\Users\matus\AppData\Roaming\CyberLink
2019-02-25 18:25 - 2017-10-14 12:28 - 000000000 ____D C:\ProgramData\install_backup
2019-02-25 18:25 - 2017-09-06 11:39 - 000000000 ____D C:\ProgramData\install_clap
2019-02-25 18:25 - 2017-08-13 16:22 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-02-25 18:24 - 2017-09-06 11:32 - 000000000 ___HD C:\ProgramData\CyberLink
2019-02-25 18:22 - 2017-09-06 11:33 - 000000000 ____D C:\Program Files\CyberLink

==================== Files in the root of some directories =======

2017-08-13 16:19 - 2017-08-13 16:19 - 000000268 ___RH () C:\Users\matus\AppData\Roaming\howto
2018-07-26 16:10 - 2018-12-27 13:55 - 000099384 _____ () C:\Users\matus\AppData\Roaming\inst.exe
2018-07-26 16:10 - 2018-12-27 13:55 - 000007859 _____ () C:\Users\matus\AppData\Roaming\pcouffin.cat
2018-07-26 16:10 - 2018-12-27 13:55 - 000001167 _____ () C:\Users\matus\AppData\Roaming\pcouffin.inf
2018-07-26 16:11 - 2018-12-27 13:55 - 000000033 _____ () C:\Users\matus\AppData\Roaming\pcouffin.log
2018-07-26 16:10 - 2018-12-27 13:55 - 000082816 _____ (VSO Software) C:\Users\matus\AppData\Roaming\pcouffin.sys
2017-08-13 16:20 - 2017-08-13 16:20 - 000000268 ___RH () C:\Users\matus\AppData\Roaming\Vocals
2017-08-13 16:21 - 2017-08-13 16:21 - 000000268 ___RH () C:\Users\matus\AppData\Roaming\WebServer
2017-08-13 16:20 - 2017-08-13 16:20 - 000000268 ___RH () C:\Users\matus\AppData\Roaming\Widgets
2018-09-16 15:47 - 2018-09-16 15:47 - 000003584 _____ () C:\Users\matus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-26 08:45

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by matus (20-03-2019 14:28:49)
Running from C:\Users\matus\Downloads
Windows 10 Home Version 1803 17134.590 (X64) (2018-05-26 07:57:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-618738485-2318971794-796116561-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-618738485-2318971794-796116561-503 - Limited - Disabled)
Guest (S-1-5-21-618738485-2318971794-796116561-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-618738485-2318971794-796116561-1003 - Limited - Enabled)
matus (S-1-5-21-618738485-2318971794-796116561-1001 - Administrator - Enabled) => C:\Users\matus
WDAGUtilityAccount (S-1-5-21-618738485-2318971794-796116561-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personální firewall (Disabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
AVer MediaCenter 3D (HKLM-x32\...\{D2912CB2-F95A-406C-AA88-2BB5DCB6D275}) (Version: 1.7.9.91.15030401 - AVerMedia Technologies, Inc.) Hidden
AVer MediaCenter 3D (HKLM-x32\...\InstallShield_{D2912CB2-F95A-406C-AA88-2BB5DCB6D275}) (Version: 1.7.9.91.15030401 - AVerMedia Technologies, Inc.)
AVerMedia C039 USB Capture Card 10.2.64.103 (HKLM-x32\...\AVerMedia C039 USB Capture Card) (Version: 10.2.64.103 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia H837 USB Hybrid ATSC/QAM 10.2.64.103 (HKLM-x32\...\AVerMedia H837 USB Hybrid ATSC/QAM) (Version: 10.2.64.103 - AVerMedia TECHNOLOGIES, Inc.)
Bonjour (HKLM\...\{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}) (Version: 2.0.4.0 - Apple Inc.)
CyberLink PowerDirector 16 (HKLM-x32\...\{EE9EC028-49D2-4349-B0A3-9B2E752A4958}) (Version: 16.0.1927.0 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 5620 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DFX (HKLM-x32\...\DFX) (Version: 12.011.0.0 - Power Technology)
Driver Install 64bit (HKLM-x32\...\{1AF7F543-C862-4FD7-A6C1-FB527D2A2D91}) (Version: 1.32.1146.0 - 6?Shenzhen Geniatech Inc.,Ltd)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
DxO FilmPack 3 (HKLM\...\{6E98BFB0-55E3-4D3C-8C10-B44F6063535E}) (Version: 3.4.96.0 - DxO Labs)
DxO PhotoLab 2 (HKLM\...\{DE14CE7D-2B71-41E0-8BE1-621DD49971FC}) (Version: 2.1.0 - DxO)
ESET Security (HKLM\...\{3B6E8FD7-0C63-47D7-A118-17AB1581EE3A}) (Version: 11.0.120.0 - ESET, spol. s r.o.)
EyeTV Netstream for Windows Media Center (HKLM-x32\...\EyeTV Netstream Service) (Version: 1.01.00.16 - Elgato Systems GmbH)
Formix SE - formuláře kanceláře (HKLM-x32\...\Formix SE_is1) (Version: - Martin Roubec)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
KaM - The Peasants Rebellion (HKLM-x32\...\KaM - The Peasants Rebellion) (Version: - )
KaM Remake Full r6720 (HKLM-x32\...\{FDE049C8-E4B2-4EB5-A534-CF5C581F5D32}_is1) (Version: - )
K-Lite Mega Codec Pack 14.4.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.4.0 - KLCP)
Kodek 0.16 CZ (HKLM-x32\...\{6C28B15F-B09D-407E-BE92-AC928E1CE4E2}_is1) (Version: 0.16 - Pinky.cz)
Kuki (HKU\S-1-5-21-618738485-2318971794-796116561-1001\...\Kuki) (Version: 20160616.000 - SMART Comp. a.s.)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.11328.20158 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-618738485-2318971794-796116561-1001\...\OneDriveSetup.exe) (Version: 19.012.0121.0011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{4cadd82e-f9f2-4f69-bcfd-a0b929d8e6e2}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Movavi Video Converter 18 Premium (HKLM-x32\...\Movavi Video Converter 18 Premium) (Version: 18.4.0 - Movavi)
Movavi Video Converter 18 Premium verze Verzia 18 (HKLM-x32\...\{F20A5760-7FCB-4C99-8FA9-7594EA6EC500}_is1) (Version: Verzia 18 - My Company, Inc.)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Network Print Monitor for Windows (HKLM-x32\...\Network Print Monitor) (Version: - )
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.3.0 - Nikon Corporation)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.8.3 - Nikon)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Ogg Vorbis ACM Codec (HKLM-x32\...\VorbisCodec) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PC Štítky 2.xx (HKLM-x32\...\PC Štítky 2.xx_is1) (Version: - LAN Consult, spol. s r.o.)
Photo Story 3 pro Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.10 - Microsoft Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.16 - Nikon)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.115.3 - proDAD GmbH)
ProShow Gold (HKLM-x32\...\ProShow Gold) (Version: - Photodex Corporation)
ProShow Plugins for Lightroom (HKLM-x32\...\ProShow Plugins for Lightroom) (Version: - )
Puzznic 1.5 (HKLM-x32\...\Puzznic_is1) (Version: - ZX Games)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7730 - Realtek Semiconductor Corp.)
Recepty doma (HKLM-x32\...\Recepty doma_is1) (Version: - Martin Roubec)
Seznam Software (HKU\S-1-5-21-618738485-2318971794-796116561-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
SharePort Plus (HKLM\...\SharePort Plus) (Version: 4.5.0 R1 - D-Link Corporation)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 12.2.0 - ShareX Team)
Spectaculator 5.3 (HKLM-x32\...\{C8C61BA0-F07E-4240-B5B0-669988B3A51A}) (Version: 5.30.371 - spectaculator.com)
Spectaculator 8.0 (HKLM-x32\...\{B21AE9DA-E837-4F82-B061-7848B4F3096B}) (Version: 8.0.0.3092 - spectaculator.com)
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
the Free Unix Spectrum Emulator (Fuse) 1.5.7 (HKLM-x32\...\Fuse) (Version: 1.5.7 - )
TMPGEnc Authoring Works 5 (HKLM-x32\...\{3B2A7C83-EFAE-4FC1-BF6B-500042E8B17A}) (Version: 5.0.8.26 - Pegasys Inc.)
TMPGEnc Authoring Works 5 Premium Theme Pack 1 (HKLM-x32\...\{5D314FE3-3D51-4C46-9514-8B0A28F7AF77}) (Version: 1.0.0.0 - Pegasys Inc.)
TMPGEnc Authoring Works 5 Theme Pack 1 (HKLM-x32\...\{929EAD99-9874-43BF-B3F4-5F5D2D9D66A9}) (Version: 1.0.0.0 - Pegasys Inc.)
TMPGEnc Authoring Works 5 Theme Pack 2 (HKLM-x32\...\{5ECF915E-710A-441E-A7CB-1E599A61D34F}) (Version: 1.0.0.0 - Pegasys Inc.)
TMPGEnc Authoring Works 5 Theme Pack 3 (HKLM-x32\...\{504C5775-4DD4-40A6-84EA-2837EBC5D268}) (Version: 1.0.0.0 - Pegasys Inc.)
TMPGEnc Authoring Works 5 Theme Pack 4 (HKLM-x32\...\{081872FE-8932-42E9-B3CE-CE85C477790E}) (Version: 1.0.0.0 - Pegasys Inc.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
TotalTV Player (HKLM-x32\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.32.4 - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.8.3 - Nikon)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{5ea95ccc-fc68-4182-88a9-e563ba3900ed}) (Version: 2.0.0.26 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{893C7059-0464-47FB-85A4-5E1ADDA56141}) (Version: 2.0.0.26 - Western Digital Technologies, Inc.) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinUAE 64-bit 4.0.0 (HKLM\...\{3F3C6C30-B791-4DD5-ABEF-48F424366039}) (Version: 4.0.0.0 - Arabuusimiehet)
Zoner Photo Studio 15 (HKLM\...\ZonerPhotoStudio15_CZ_is1) (Version: 15.0.1.2 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-618738485-2318971794-796116561-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-618738485-2318971794-796116561-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-03-18] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-03-18] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-03-18] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {011B1B4B-AD59-41A1-81DD-0066619438F3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {0210F1A7-36F7-4721-80AC-711B15134F2C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {3BD18A82-6C17-4A83-B7D1-F0EEB394860A} - System32\Tasks\allshare => C:\Users\matus\Downloads\AllSharePCSW.exe
Task: {4C97623A-D2AB-486B-8EBB-ACD9694192F1} - System32\Tasks\S-1-5-21-618738485-2318971794-796116561-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (Microsoft Windows -> Microsoft Corporation)
Task: {6418A6B3-67C3-4367-A632-499038B5CDE0} - System32\Tasks\klcp_update => CodecTweakTool.exe
Task: {7116671D-FC5D-4DA1-8697-B4F715967895} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {74FC8605-D353-427B-9321-87FFDDDDB972} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {8AAF4279-B5A1-45A5-B904-A0E1584E0FB0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {978F3DA1-9D83-4397-80F4-6B4298C31BE8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {9E34E4F4-0BBF-4F99-BEBC-D3D9BDF60DC8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {CCBE5ACD-19AD-42C4-9BBE-1B6923A81D06} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {FD7D3E64-CB54-4D42-86F5-087AE71093AC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2013-04-15 09:06 - 2013-04-15 09:06 - 000032768 _____ ( ) [File not signed] C:\Program Files (x86)\Elgato\EyeTV Netstream\Interop.NetFwTypeLib.dll
2013-04-15 09:06 - 2013-04-15 09:06 - 000014848 _____ ( ) [File not signed] C:\Program Files (x86)\Elgato\EyeTV Netstream\Interop.UPNPLib.dll
2017-10-10 11:56 - 2013-06-26 23:36 - 000368640 _____ (AVerMedia) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
2017-10-10 11:56 - 2013-08-16 22:15 - 000772096 _____ () [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2017-09-06 16:20 - 2011-03-25 04:15 - 000049152 ____N () [File not signed] C:\Program Files\D-Link\SharePort Plus\Spnuhelper.exe
2017-10-10 11:56 - 2013-08-16 22:10 - 000163840 _____ () [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
2016-01-08 09:47 - 2016-01-08 09:47 - 000588288 ____R (Nikon Corporation) [File not signed] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe
2017-10-10 11:56 - 2013-08-16 22:12 - 000675840 _____ (AVerMedia TECHNOLOGIES, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
2017-09-06 16:20 - 2014-06-30 12:07 - 000314880 ____N () [File not signed] C:\Program Files\D-Link\SharePort Plus\Svlscapi.dll
2017-09-06 16:20 - 2013-12-04 10:58 - 001553408 ____N (D-Link Corp.) [File not signed] C:\Program Files\D-Link\SharePort Plus\Themes\Dsptheme.dll
2018-01-20 15:53 - 2018-06-22 12:30 - 001865728 _____ (ShareX Team) [File not signed] C:\Program Files\ShareX\ShareX.exe
2015-11-15 04:58 - 2018-11-20 16:32 - 001325240 _____ (Power Technology -> ) [File not signed] C:\Program Files (x86)\DFX\DFX.exe
2017-10-10 11:56 - 2015-02-09 20:32 - 000770048 _____ (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\GraphMaster.dll
2017-10-10 11:56 - 2015-02-16 21:13 - 000194048 _____ (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\CardID.dll
2015-10-30 19:40 - 2015-10-30 19:40 - 000317440 ____R (Nikon Corporation) [File not signed] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkRSSLib.dll
2015-10-30 19:40 - 2015-10-30 19:40 - 001836032 ____R (Nikon Corporation) [File not signed] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2RuleLibrary.dll
2015-10-30 19:40 - 2015-10-30 19:40 - 000271360 ____R (Nikon Corporation) [File not signed] C:\Program Files (x86)\Nikon\Nikon Message Center 2\ProductInfoLib.dll
2011-10-30 14:36 - 2011-10-30 14:36 - 001650688 _____ (Nikon Corporation) [File not signed] C:\Program Files (x86)\Nikon\Nikon Message Center 2\MCARecLib2.dll
2016-01-08 11:36 - 2016-01-08 11:36 - 001788928 _____ (Nikon Corporation) [File not signed] C:\Program Files (x86)\Nikon\Nikon Message Center 2\Localization\EN\NkMC2Lang.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:CD30FA91 [360]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2017-12-24 14:35 - 000000898 _____ C:\WINDOWS\system32\drivers\etc\hosts

0.0.0.0 pubads.g.doubleclick.net
0.0.0.0 securepubads.g.doubleclick.net

2017-09-06 18:49 - 2018-12-18 16:26 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-618738485-2318971794-796116561-1001\Control Panel\Desktop\\Wallpaper -> C:\DSC01842.JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AF41BABC-EB80-412E-9FF8-CD0ACFAD2276}] => (Allow) C:\Program Files (x86)\Kuki\addons\skin.netboxkuki\proxies\proxy2.exe () [File not signed]
FirewallRules: [{B8D6DDE3-2B3A-4FA3-B8C4-5A52517A3BC8}] => (Allow) C:\Program Files (x86)\Kuki\addons\skin.netboxkuki\proxies\proxy2.exe () [File not signed]
FirewallRules: [{20B7320F-9C17-4178-8A18-41EB48C7521E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Settlers Online\nw.exe No File
FirewallRules: [{30B0CD88-6C78-4EA1-84F2-F42B44FB16FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Settlers Online\nw.exe No File
FirewallRules: [{AD8CED47-001A-4E7D-87E1-BA714827A15E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Capitalism 2\Cap2.exe No File
FirewallRules: [{355626D9-B0D0-45D4-A2BC-32EB3FF43070}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Capitalism 2\Cap2.exe No File
FirewallRules: [{B5803D40-607C-40BD-BF16-4DEBE62B49EA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{B5420EB0-4AC8-41B4-B721-25A0DD2DB67A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{5ACBFBB3-1763-442D-95C3-95005A401FF2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{40DAE94F-A420-494E-B05A-51B07130B2C6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [UDP Query User{FC9E63E4-7BB0-4679-90AE-ED316F15A24F}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [TCP Query User{E48B2C74-EBA4-47B9-AFEA-9ACEA19CBE86}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [{FE987606-528F-4533-A2B4-8E43360D44D2}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe No File
FirewallRules: [{BC71DE09-D00B-4449-9BAA-39454FAB9418}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe No File
FirewallRules: [{3BDB9EA1-38D4-4050-A37C-AE2F9FEA63FF}] => (Allow) C:\Users\matus\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe No File
FirewallRules: [{6951D574-7D93-4904-ACA4-E461BCAE3625}] => (Allow) C:\Users\matus\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe No File
FirewallRules: [UDP Query User{0334164D-5921-4DA9-B85B-0B4655B604F7}C:\users\matus\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\matus\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [TCP Query User{62CA0A2E-53D1-4542-A67E-2F7A02848F53}C:\users\matus\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\matus\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [UDP Query User{587C10ED-07BE-4964-9C53-7559841441FE}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe No File
FirewallRules: [TCP Query User{CC8E214E-4343-43B8-9521-4B4DC27F76CB}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe No File
FirewallRules: [{92FCA0C6-DDA5-47D8-9BDD-A6945F36EF0F}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe No File
FirewallRules: [{F8AB0587-FF3B-4076-9469-5B2C2CB074F3}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe No File
FirewallRules: [{0BA10FF4-D71A-4D25-AE7D-D75948C75EA8}] => (Allow) LPort=8743
FirewallRules: [{D0AE0B83-6B03-417A-8D43-5A2D9A91D3CB}] => (Allow) LPort=8643
FirewallRules: [{6A71AF7C-7ADB-4FF6-BB58-81D4FE6246F3}] => (Allow) LPort=7676
FirewallRules: [{895AA4BB-784C-422A-A2CA-26C662DC94E1}] => (Allow) LPort=7679
FirewallRules: [{08D04F16-DF6B-41A7-8BEF-0C475D748A89}] => (Allow) LPort=24234
FirewallRules: [{E94FBF68-7A2A-4BDF-87D8-89534B0800A3}] => (Allow) LPort=7900
FirewallRules: [{8B0F7792-A34B-4DB7-BE86-A1DEC2824416}] => (Allow) LPort=1900
FirewallRules: [{74D8855E-CEC9-41AF-B10A-B432914E0066}] => (Allow) C:\Program Files\D-Link\SharePort Plus\SharePortPlus.exe (D-LINK CORPORATION -> D-Link Corp.)
FirewallRules: [{A3DBCE77-0926-494A-8AFA-0D285718AAF6}] => (Allow) LPort=19540
FirewallRules: [{B9D50A82-21A2-46F0-9FAB-E189E67DDF48}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe No File
FirewallRules: [{7A892F73-47E9-4CB6-B1C3-02742B40DFEF}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe No File
FirewallRules: [{E55B57B8-A950-4AE1-9030-338948C0A816}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe No File
FirewallRules: [TCP Query User{CDFFB115-DFFC-441F-BE5D-A9127F6C1567}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [UDP Query User{60206806-F9BD-4B13-90E5-D5A20D82F021}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [TCP Query User{3D6A993C-7BE4-428D-9367-EEA7F10501AD}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [UDP Query User{5C68D532-F789-4F05-B2C8-1AC6F4FD0F65}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [TCP Query User{5CB81A67-5F66-4C27-A450-2A91C6881614}C:\program files (x86)\photodex\proshow gold\proshow.exe] => (Block) C:\program files (x86)\photodex\proshow gold\proshow.exe (Photodex Corporation -> Photodex)
FirewallRules: [UDP Query User{3148B70F-8759-48BE-AF44-6D5CC79F934A}C:\program files (x86)\photodex\proshow gold\proshow.exe] => (Block) C:\program files (x86)\photodex\proshow gold\proshow.exe (Photodex Corporation -> Photodex)
FirewallRules: [TCP Query User{05EE6172-851A-447A-AD3B-63B21A412D4D}C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe] => (Allow) C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe No File
FirewallRules: [UDP Query User{DC9285F3-5276-46E1-A0D5-87A44B28A402}C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe] => (Allow) C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe No File
FirewallRules: [TCP Query User{D5CD366E-F688-4E82-B179-B0530BC21377}C:\program files (x86)\network print monitor\pswizard-lpr.exe] => (Allow) C:\program files (x86)\network print monitor\pswizard-lpr.exe () [File not signed]
FirewallRules: [UDP Query User{EBDC1CCF-B409-4C2C-8A18-002EC0E7902B}C:\program files (x86)\network print monitor\pswizard-lpr.exe] => (Allow) C:\program files (x86)\network print monitor\pswizard-lpr.exe () [File not signed]
FirewallRules: [{88AE1167-35CF-4A3C-B1A4-C809BEB2BE59}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{00B7F292-9D74-46DC-AF0F-8C10C85A8925}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{2DD7A42F-D4EF-4138-B548-563D6F97AAFE}C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe] => (Block) C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe No File
FirewallRules: [UDP Query User{F4FC2043-1FC5-4123-881F-BB886342DFF0}C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe] => (Block) C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe No File
FirewallRules: [TCP Query User{FEFA130F-501B-45D9-905A-C12FA4AB3305}C:\program files (x86)\gruntmods studios\dune 2000\dune2000.dat] => (Allow) C:\program files (x86)\gruntmods studios\dune 2000\dune2000.dat No File
FirewallRules: [UDP Query User{0CFEDBFD-3E26-407A-8892-910112616C75}C:\program files (x86)\gruntmods studios\dune 2000\dune2000.dat] => (Allow) C:\program files (x86)\gruntmods studios\dune 2000\dune2000.dat No File
FirewallRules: [TCP Query User{1BB026D5-623D-4753-92EC-1E336206C227}C:\program files (x86)\photodex\proshow producer\proshow.exe] => (Allow) C:\program files (x86)\photodex\proshow producer\proshow.exe No File
FirewallRules: [UDP Query User{C21C1074-E4E9-4366-9D8A-CF434B46A9FA}C:\program files (x86)\photodex\proshow producer\proshow.exe] => (Allow) C:\program files (x86)\photodex\proshow producer\proshow.exe No File
FirewallRules: [{A6580990-CC9F-4AF9-A95A-E8F5A16FE6D1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD.exe No File
FirewallRules: [{6DED1D24-CFD5-4E7B-BFF4-CF6A123F436E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\Kernel\DMS\CLMSServerPDVD18.exe No File
FirewallRules: [{1A7DA661-770A-4C65-B5CB-01025BBAD66A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD18Agent.exe No File
FirewallRules: [{4B8C472B-A040-4B07-BE17-97ACF57E251B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\Movie\PowerDVDMovie.exe No File
FirewallRules: [{3493122D-66EA-4285-8902-9061F70F4D35}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\CastingStation.exe No File
FirewallRules: [{A0478BC1-EEFE-4C71-8AFD-A36146DA44BC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{D380BECC-3FF8-4A7C-98F2-E0DCA5D7F84A}C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe] => (Block) C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe No File
FirewallRules: [UDP Query User{F0D28D04-75B9-4BFC-B6CC-4CEA0C970576}C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe] => (Block) C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe No File
FirewallRules: [{5D3678F5-717A-4CD2-810D-D14C8BDED05F}] => (Allow) C:\Users\matus\AppData\Roaming\server.exe No File
FirewallRules: [{C560DA77-0417-445B-B3B1-E7FA7ABF0AD6}] => (Allow) C:\Users\matus\AppData\Roaming\server.exe No File
FirewallRules: [{2C0C7B16-8D25-4834-BC83-D62A4ED96405}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4338B3B7-68D1-46CF-850E-DB4F9D92CBF1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0550766C-8990-4F90-A228-C397A2B7EA83}] => (Allow) C:\Program Files (x86)\Geniatech\TotalTV Player\InstTool.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{1793B47C-65BE-4CC3-AED5-309D3104443E}] => (Allow) C:\Program Files (x86)\Geniatech\TotalTV Player\InstTool.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{6DAEF2CA-BEE8-477A-8D3A-140551442F50}] => (Allow) C:\Program Files (x86)\Geniatech\TotalTV Player\CinergyDvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{7FD0398F-ED20-44FB-8A02-E2B88379831A}] => (Allow) C:\Program Files (x86)\Geniatech\TotalTV Player\CinergyDvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{E155F248-A43A-42CE-937B-191572D3F090}] => (Allow) C:\Program Files (x86)\Geniatech\TotalTV Player\VersionCheck\VersionCheck.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{4BB3EC4D-4963-4B2C-BE83-3513CE0DD584}] => (Allow) C:\Program Files (x86)\Geniatech\TotalTV Player\VersionCheck\VersionCheck.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{5AEF9EEE-E909-4500-BAD5-84282C774C92}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A37DE521-8669-45D2-A802-89AD4E61DCAB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{7991E652-F01D-46F1-B3D0-AF0EE136AAC2}C:\program files (x86)\geniatech\totaltv player\cinergydvr.exe] => (Allow) C:\program files (x86)\geniatech\totaltv player\cinergydvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [UDP Query User{E6A6F1CA-4FFA-4382-8416-1E98DCEAC80C}C:\program files (x86)\geniatech\totaltv player\cinergydvr.exe] => (Allow) C:\program files (x86)\geniatech\totaltv player\cinergydvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [TCP Query User{3236FB93-E881-4935-850D-24BA244C10AA}C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe] => (Allow) C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe No File
FirewallRules: [UDP Query User{596F0AE8-386A-4074-BA15-923BDD31E665}C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe] => (Allow) C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe No File
FirewallRules: [TCP Query User{D19B695A-6B82-4A88-86A6-F23D7F26BDE7}C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe] => (Allow) C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe No File
FirewallRules: [UDP Query User{763E5098-9693-4323-A2FF-A1A208A4ABE4}C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe] => (Allow) C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe No File
FirewallRules: [{E68295E4-D7AF-42FF-92D5-43E235862730}] => (Allow) C:\Program Files\CyberLink\PowerDirector16\PDR10.EXE No File
FirewallRules: [{FB6ADE5D-E6C6-4A15-A065-B041DD0B558A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{0C629DDA-E0F2-4DAA-A3D0-B5A99AF0C06C}] => (Allow) %SystemRoot%\ehome\ehrecvr.exe No File

==================== Restore Points =========================

19-02-2019 11:05:58 Windows Update
27-02-2019 06:08:01 Naplánovaný kontrolní bod
03-03-2019 14:24:50 Windows Update
18-03-2019 15:15:22 Windows Update

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/20/2019 02:09:25 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/20/2019 02:06:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 167613047

Error: (03/20/2019 02:06:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 167613047

Error: (03/20/2019 02:06:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/18/2019 03:32:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1640

Error: (03/18/2019 03:32:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1640

Error: (03/18/2019 03:32:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/18/2019 03:19:44 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: DESKTOP-QCNA7PB)
Description: Aplikaci nebo službu Microsoft Excel nelze ukončit.


System errors:
=============
Error: (03/20/2019 02:24:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/20/2019 02:23:34 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QCNA7PB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-QCNA7PB\matus (SID: S-1-5-21-618738485-2318971794-796116561-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/20/2019 02:20:59 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error: (03/20/2019 02:18:36 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x800f081f): 2019-03 Kumulativní aktualizace pro Windows 10 Version 1803 pro systémy typu x64 (KB4489868).

Error: (03/20/2019 02:16:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/20/2019 02:14:27 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/20/2019 02:14:27 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/20/2019 02:14:13 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (14:07:20, ‎20.‎03.‎2019) bylo neočekávané.


CodeIntegrity:
===================================

Date: 2019-03-20 14:27:48.747
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-03-20 14:27:48.739
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-03-20 14:27:11.517
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-20 14:27:11.513
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-20 14:25:51.577
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-03-20 14:25:51.571
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-03-20 14:25:44.573
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-03-20 14:25:44.566
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: AMD A8-7410 APU with AMD Radeon R5 Graphics
Percentage of memory in use: 70%
Total physical RAM: 3518.88 MB
Available physical RAM: 1028.7 MB
Total Virtual: 4158.88 MB
Available Virtual: 1599.38 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.06 GB) (Free:58.06 GB) NTFS

\\?\Volume{b43d61db-c560-4a32-aca9-d31640847cfc}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{6d0efb9f-1fbc-45ac-8164-b24bf57fa9a5}\ () (Fixed) (Total:0.86 GB) (Free:0.38 GB) NTFS
\\?\Volume{6b087b33-927b-45cb-9213-bee70815187d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu logu zda se mi počitač pomalý

#2 Příspěvek od Diallix »

Dobry den.

:arrow: Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Ondra1063
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 20 bře 2019 14:30

Re: Prosím o kontrolu logu zda se mi počitač pomalý

#3 Příspěvek od Ondra1063 »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-03-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-20-2019
# Duration: 00:00:07
# OS: Windows 10 Home
# Cleaned: 11
# Failed: 2


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\NERO\NERO TUNEITUP
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\matus\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\8c2b9f4075d082c7de5d3dee6d3f388d
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm

***** [ Chromium (and derivatives) ] *****

Not Deleted Seznam doplněk - Email
Not Deleted Seznam doplněk - Esko

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2253 octets] - [20/03/2019 15:26:18]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu logu zda se mi počitač pomalý

#4 Příspěvek od Diallix »

Poprosim o nove logy FRST a ADDITION,
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Ondra1063
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 20 bře 2019 14:30

Re: Prosím o kontrolu logu zda se mi počitač pomalý

#5 Příspěvek od Ondra1063 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by matus (administrator) on DESKTOP-QCNA7PB (20-03-2019 16:07:21)
Running from C:\Users\matus\Desktop
Loaded Profiles: matus (Available Profiles: matus)
Platform: Windows 10 Home Version 1803 17134.590 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVerMedia) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() [File not signed] C:\Program Files\D-Link\SharePort Plus\Spnuhelper.exe
(Elgato Systems -> Elgato Systems GmbH) C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Western Digital Techologies -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19021.10411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\matus\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
() [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(AVerMedia TECHNOLOGIES, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(D-LINK CORPORATION -> D-Link Corp.) C:\Program Files\D-Link\SharePort Plus\SharePortPlus.exe
(Power Technology -> ) [File not signed] C:\Program Files (x86)\DFX\DFX.exe
(ShareX Team) [File not signed] C:\Program Files\ShareX\ShareX.exe
(Power Technology -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
(Power Technology -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19011.11311.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1812.10048.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [177928 2019-03-18] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843520 2016-01-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [588288 2016-01-08] (Nikon Corporation) [File not signed]
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2309008 2017-11-14] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [DFX] => C:\Program Files (x86)\DFX\DFX.exe [1325240 2018-11-20] (Power Technology -> ) [File not signed]
HKLM-x32\...\Run: [Remote Control Editor] => C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTVRC.exe
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-618738485-2318971794-796116561-1001\...\Run: [BDFE749FBD481E3AA828287100E5863D96D31C94._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1708016 2019-03-01] (Google LLC -> Google Inc.)
HKU\S-1-5-21-618738485-2318971794-796116561-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [752736 2012-10-08] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-618738485-2318971794-796116561-1001\...\Run: [Copernic.Utils] => "C:\Program Files (x86)\Copernic\DesktopSearch4\Copernic.DesktopSearch.exe" /tray
HKU\S-1-5-21-618738485-2318971794-796116561-1001\...\MountPoints2: {66e3cd4a-74e1-11e8-a507-e09467f6a030} - "E:\TOPSTART.EXE"
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Drivers32: [vidc.pDAD] => C:\WINDOWS\system32\prodad-codec.dll [607256 2017-08-02] (proDAD GmbH -> proDAD GmbH)
HKLM\...\Drivers32: [vidc.divx] => C:\Windows\SysWOW64\divx.dll [680960 2003-11-11] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.div4] => C:\Windows\SysWOW64\DivXc32f.dll [121920 2003-04-22] (Pinky.cz) [File not signed]
HKLM\...\Drivers32: [vidc.div3] => C:\Windows\SysWOW64\DivXc32.dll [121920 2003-04-21] (build Pinky.cz) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvid.dll [202752 2003-07-16] () [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2003-07-29] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.divxa] => C:\Windows\SysWOW64\divxa32.acm [290896 2003-04-21] (build Pinky.cz) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\Vorbis.acm [209408 2001-06-22] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [msacm.a3d] => C:\Windows\SysWOW64\a3d.dll [720896 2002-08-27] (Sensaura Ltd) [File not signed]
HKLM\...\Drivers32: [msacm.ogg] => C:\Windows\SysWOW64\ogg.dll [21504 2002-10-05] () [File not signed]
HKLM\...\Drivers32: [msacm.vorbisenc] => C:\Windows\SysWOW64\vorbisenc.dll [80384 2002-10-05] () [File not signed]
HKLM\...\Drivers32: [msacm.l3codecp] => C:\WINDOWS\SysWOW64\l3codecp.acm [190464 2018-04-12] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-05] (Google LLC -> Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2017-10-10]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2017-10-10]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
Startup: C:\Users\matus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\D5Tq84ha3NXEFA6gGAxT.vbs [2018-08-21] () [File not signed]
Startup: C:\Users\matus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SharePort Plus.lnk [2017-09-06]
ShortcutTarget: SharePort Plus.lnk -> C:\Program Files\D-Link\SharePort Plus\SharePortPlus.exe (D-LINK CORPORATION -> D-Link Corp.)
Startup: C:\Users\matus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2018-07-07]
ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team) [File not signed]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0a108eec-fd3e-4a94-8677-90324982d730}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1193c1da-f4e5-4664-a9a4-23db8fe0718a}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{93d62c76-7eed-4d4c-bfe4-f830274b5da6}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKU\S-1-5-21-618738485-2318971794-796116561-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {30686DEB-515D-46C0-B0D8-8726DF6338F5} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {3B643E45-577D-4C75-915C-F48D414579A9} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {54754879-37DE-4536-BACF-3CEB4BC27FD6} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {664D19B2-4AFF-4D98-B49D-BC73D6BB1495} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {792D1508-C90A-4215-BCEE-C54EA20FF27A} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {9B8B8650-9645-44F3-977D-2F0D74CAF39B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {A77523C8-FEFB-4F7A-BED8-E21D138B07D9} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {C37E0712-D9E4-4F45-99EE-1AF7B81BD2FB} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {D919801A-30B5-4B97-B614-3375D3979CF9} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-22] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-22] (Google Inc -> Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR Profile: C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default [2019-03-20]
CHR Extension: (Prezentace) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-13]
CHR Extension: (Seznam doplněk - Email) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2019-02-14]
CHR Extension: (YouTube) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-13]
CHR Extension: (Tabulky) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2019-02-14]
CHR Extension: (Gmail) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-13]
CHR Extension: (Chrome Media Router) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-14]
CHR Profile: C:\Users\matus\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-02-14]
CHR Profile: C:\Users\matus\AppData\Local\Google\Chrome\User Data\System Profile [2019-02-14]
CHR HKU\S-1-5-21-618738485-2318971794-796116561-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-618738485-2318971794-796116561-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch4\ChromeConnector\ChromeConnector.crx <not found>
CHR HKU\S-1-5-21-618738485-2318971794-796116561-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [264224 2015-10-08] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [368640 2013-06-26] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [772096 2013-08-16] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11129928 2019-03-06] (Microsoft Corporation -> Microsoft Corporation)
R2 D-Link SharePort Plus Helper; C:\Program Files\D-Link\SharePort Plus\Spnuhelper.exe [49152 2011-03-25] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-03-18] (ESET, spol. s r.o. -> ESET)
R2 EyeTV Netstream; C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe [400864 2013-04-15] (Elgato Systems -> Elgato Systems GmbH)
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [541896 2018-07-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016 2016-01-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [524632 2018-03-26] (Western Digital Techologies -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4403496 2019-01-09] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP Inc. -> HP)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [21653520 2015-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [683032 2015-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [91400 2015-10-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 amdpsp; C:\WINDOWS\system32\DRIVERS\amdpsp.sys [239976 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2016-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 AVerFx2hbtv64; C:\WINDOWS\system32\drivers\AVerFx2hbtv64.sys [512512 2009-12-08] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
S3 AVerPola; C:\WINDOWS\system32\DRIVERS\AVerPola.sys [871048 2016-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
S3 CYDTV_SRV; C:\WINDOWS\system32\drivers\cydtv.sys [986752 2017-04-10] (Shenzhen Geniatech Technology LTD. -> )
R3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [39048 2015-11-15] (Power Technology -> Windows (R) Win 7 DDK provider)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [145600 2019-03-18] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107744 2019-03-18] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-02-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188240 2019-03-18] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50752 2017-05-04] (ESET, spol. s r.o. -> ESET)
S4 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [78192 2017-05-04] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [110000 2019-03-18] (ESET, spol. s r.o. -> ESET)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP Inc. -> HP)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8623128 2018-04-04] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-10-08] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [56336 2013-08-14] (Corel Corporation -> Corel Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-29] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [53848 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
R2 sxuptp; C:\WINDOWS\System32\drivers\sxuptp.sys [317792 2015-09-03] (D-LINK CORPORATION -> silex technology, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35568 2018-08-31] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-20 16:07 - 2019-03-20 16:08 - 000024803 _____ C:\Users\matus\Desktop\FRST.txt
2019-03-20 16:07 - 2019-03-20 14:25 - 002434048 _____ (Farbar) C:\Users\matus\Desktop\FRST64.exe
2019-03-20 15:25 - 2019-03-20 15:23 - 007316688 _____ (Malwarebytes) C:\Users\matus\Desktop\adwcleaner_7.2.7.0.exe
2019-03-20 15:23 - 2019-03-20 15:26 - 000000000 ____D C:\AdwCleaner
2019-03-20 15:23 - 2019-03-20 15:23 - 007316688 _____ (Malwarebytes) C:\Users\matus\Downloads\adwcleaner_7.2.7.0.exe
2019-03-20 14:28 - 2019-03-20 14:30 - 000046339 _____ C:\Users\matus\Downloads\Addition.txt
2019-03-20 14:26 - 2019-03-20 16:07 - 000000000 ____D C:\FRST
2019-03-20 14:26 - 2019-03-20 14:30 - 000035812 _____ C:\Users\matus\Downloads\FRST.txt
2019-03-20 14:25 - 2019-03-20 14:25 - 002434048 _____ (Farbar) C:\Users\matus\Downloads\FRST64.exe
2019-03-20 14:20 - 2019-03-20 14:20 - 000000000 ___HD C:\OneDriveTemp
2019-03-18 15:21 - 2019-03-18 15:21 - 000002559 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-03-18 15:21 - 2019-03-18 15:21 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-03-18 15:21 - 2019-03-18 15:21 - 000002530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-03-18 15:21 - 2019-03-18 15:21 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-03-18 15:21 - 2019-03-18 15:21 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-03-18 15:21 - 2019-03-18 15:21 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-03-18 15:21 - 2019-03-18 15:21 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-03-18 15:21 - 2019-03-18 15:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-03-18 15:00 - 2019-03-18 15:10 - 1100651337 _____ C:\Users\matus\Downloads\Johny English znovu zasahuje 2018 CZ dabing od LUCII.mkv
2019-03-18 14:59 - 2019-03-18 15:11 - 1074605062 _____ C:\Users\matus\Downloads\Johny English 3 znovu zasahuje 2018 CZ dabing.avi
2019-03-06 10:32 - 2019-03-06 10:32 - 000014928 _____ C:\Users\matus\Downloads\Puriny-rozdělení.xlsx
2019-02-27 17:16 - 2019-02-27 17:18 - 000000000 ____D C:\3
2019-02-25 18:25 - 2019-02-25 18:25 - 000002274 _____ C:\Users\Public\Desktop\CyberLink WaveEditor 2.lnk
2019-02-25 18:25 - 2019-02-25 18:25 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink WaveEditor 2
2019-02-25 18:24 - 2019-02-25 18:25 - 000000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2019-02-25 18:24 - 2019-02-25 18:24 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Screen Recorder 16.lnk
2019-02-25 18:24 - 2019-02-25 18:24 - 000002136 _____ C:\Users\Public\Desktop\CyberLink Screen Recorder 16.lnk
2019-02-25 18:24 - 2019-02-25 18:24 - 000002065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 16 (64-bit).lnk
2019-02-25 18:24 - 2019-02-25 18:24 - 000002053 _____ C:\Users\Public\Desktop\CyberLink PowerDirector 16 (64-bit).lnk
2019-02-25 18:24 - 2019-02-25 18:24 - 000000000 ____D C:\Users\matus\AppData\Roaming\proDAD
2019-02-25 18:24 - 2019-02-25 18:24 - 000000000 ____D C:\ProgramData\proDAD
2019-02-25 18:24 - 2019-02-25 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2019-02-25 18:24 - 2019-02-25 18:24 - 000000000 ____D C:\Program Files\proDAD
2019-02-25 18:24 - 2019-02-25 18:24 - 000000000 ____D C:\Program Files\NewBlue
2019-02-25 18:24 - 2019-02-25 18:24 - 000000000 ____D C:\Program Files\Common Files\NewBlue
2019-02-25 18:24 - 2019-02-25 18:24 - 000000000 ____D C:\Program Files (x86)\NewBlue
2019-02-25 18:24 - 2017-08-02 03:14 - 000607256 _____ (proDAD GmbH) C:\WINDOWS\system32\prodad-codec.dll
2019-02-25 18:24 - 2017-08-02 03:14 - 000376344 _____ (proDAD GmbH) C:\WINDOWS\system32\proDAD-PA-Support.dll
2019-02-25 18:23 - 2019-02-25 18:25 - 000000000 ____D C:\Program Files (x86)\CyberLink
2019-02-25 18:21 - 2019-02-25 18:25 - 000000000 ____D C:\ProgramData\SUPPORTDIR

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-20 16:06 - 2018-05-26 08:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-20 16:06 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-20 15:34 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-03-20 15:33 - 2018-05-26 08:56 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-20 15:33 - 2018-04-12 16:50 - 000716276 _____ C:\WINDOWS\system32\perfh005.dat
2019-03-20 15:33 - 2018-04-12 16:50 - 000144534 _____ C:\WINDOWS\system32\perfc005.dat
2019-03-20 15:33 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-03-20 15:28 - 2017-08-13 15:48 - 000000000 ___RD C:\Users\matus\OneDrive
2019-03-20 15:27 - 2018-05-26 08:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-20 15:26 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-03-20 15:26 - 2018-02-02 16:03 - 000000000 ____D C:\ProgramData\Nero
2019-03-20 15:26 - 2017-08-13 15:50 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-03-20 14:21 - 2018-11-29 16:51 - 000000000 ____D C:\Program Files\rempl
2019-03-20 14:15 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-20 14:15 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-03-20 14:07 - 2017-08-14 17:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-03-18 15:20 - 2017-08-13 16:05 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-03-18 15:15 - 2017-08-14 17:01 - 127411920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-03-18 14:59 - 2017-06-22 15:01 - 000145600 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2019-03-18 14:59 - 2017-05-04 12:18 - 000188240 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2019-03-18 14:59 - 2017-05-04 12:18 - 000110000 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2019-03-18 14:59 - 2017-05-04 12:18 - 000107744 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2019-03-06 12:30 - 2017-08-13 16:30 - 000000000 ____D C:\Users\matus\AppData\Local\GHISLER
2019-03-06 10:32 - 2017-11-27 09:37 - 000000000 ____D C:\Users\matus\AppData\Local\Packages
2019-03-05 12:35 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-03-05 12:17 - 2017-08-13 15:55 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-05 12:17 - 2017-08-13 15:55 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-03-03 17:54 - 2018-04-12 00:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-03-03 17:54 - 2018-04-12 00:41 - 000179608 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-03 14:28 - 2018-05-26 08:56 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-618738485-2318971794-796116561-1001
2019-03-03 14:28 - 2018-05-26 08:48 - 000002432 _____ C:\Users\matus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-25 18:28 - 2017-09-15 11:07 - 000000000 ____D C:\Users\Public\CyberLink
2019-02-25 18:28 - 2017-09-06 13:19 - 000000000 ____D C:\Users\matus\Documents\CyberLink
2019-02-25 18:27 - 2017-09-15 10:59 - 000000000 ____D C:\Users\matus\AppData\Roaming\CyberLink
2019-02-25 18:25 - 2017-10-14 12:28 - 000000000 ____D C:\ProgramData\install_backup
2019-02-25 18:25 - 2017-09-06 11:39 - 000000000 ____D C:\ProgramData\install_clap
2019-02-25 18:25 - 2017-08-13 16:22 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-02-25 18:24 - 2017-09-06 11:32 - 000000000 ___HD C:\ProgramData\CyberLink
2019-02-25 18:22 - 2017-09-06 11:33 - 000000000 ____D C:\Program Files\CyberLink

==================== Files in the root of some directories =======

2017-08-13 16:19 - 2017-08-13 16:19 - 000000268 ___RH () C:\Users\matus\AppData\Roaming\howto
2018-07-26 16:10 - 2018-12-27 13:55 - 000099384 _____ () C:\Users\matus\AppData\Roaming\inst.exe
2018-07-26 16:10 - 2018-12-27 13:55 - 000007859 _____ () C:\Users\matus\AppData\Roaming\pcouffin.cat
2018-07-26 16:10 - 2018-12-27 13:55 - 000001167 _____ () C:\Users\matus\AppData\Roaming\pcouffin.inf
2018-07-26 16:11 - 2018-12-27 13:55 - 000000033 _____ () C:\Users\matus\AppData\Roaming\pcouffin.log
2018-07-26 16:10 - 2018-12-27 13:55 - 000082816 _____ (VSO Software) C:\Users\matus\AppData\Roaming\pcouffin.sys
2017-08-13 16:20 - 2017-08-13 16:20 - 000000268 ___RH () C:\Users\matus\AppData\Roaming\Vocals
2017-08-13 16:21 - 2017-08-13 16:21 - 000000268 ___RH () C:\Users\matus\AppData\Roaming\WebServer
2017-08-13 16:20 - 2017-08-13 16:20 - 000000268 ___RH () C:\Users\matus\AppData\Roaming\Widgets
2018-09-16 15:47 - 2018-09-16 15:47 - 000003584 _____ () C:\Users\matus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-26 08:45

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by matus (20-03-2019 16:09:22)
Running from C:\Users\matus\Desktop
Windows 10 Home Version 1803 17134.590 (X64) (2018-05-26 07:57:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-618738485-2318971794-796116561-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-618738485-2318971794-796116561-503 - Limited - Disabled)
Guest (S-1-5-21-618738485-2318971794-796116561-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-618738485-2318971794-796116561-1003 - Limited - Enabled)
matus (S-1-5-21-618738485-2318971794-796116561-1001 - Administrator - Enabled) => C:\Users\matus
WDAGUtilityAccount (S-1-5-21-618738485-2318971794-796116561-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personální firewall (Disabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
AVer MediaCenter 3D (HKLM-x32\...\{D2912CB2-F95A-406C-AA88-2BB5DCB6D275}) (Version: 1.7.9.91.15030401 - AVerMedia Technologies, Inc.) Hidden
AVer MediaCenter 3D (HKLM-x32\...\InstallShield_{D2912CB2-F95A-406C-AA88-2BB5DCB6D275}) (Version: 1.7.9.91.15030401 - AVerMedia Technologies, Inc.)
AVerMedia C039 USB Capture Card 10.2.64.103 (HKLM-x32\...\AVerMedia C039 USB Capture Card) (Version: 10.2.64.103 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia H837 USB Hybrid ATSC/QAM 10.2.64.103 (HKLM-x32\...\AVerMedia H837 USB Hybrid ATSC/QAM) (Version: 10.2.64.103 - AVerMedia TECHNOLOGIES, Inc.)
Bonjour (HKLM\...\{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}) (Version: 2.0.4.0 - Apple Inc.)
CyberLink PowerDirector 16 (HKLM-x32\...\{EE9EC028-49D2-4349-B0A3-9B2E752A4958}) (Version: 16.0.1927.0 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 5620 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DFX (HKLM-x32\...\DFX) (Version: 12.011.0.0 - Power Technology)
Driver Install 64bit (HKLM-x32\...\{1AF7F543-C862-4FD7-A6C1-FB527D2A2D91}) (Version: 1.32.1146.0 - 6?Shenzhen Geniatech Inc.,Ltd)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
DxO FilmPack 3 (HKLM\...\{6E98BFB0-55E3-4D3C-8C10-B44F6063535E}) (Version: 3.4.96.0 - DxO Labs)
DxO PhotoLab 2 (HKLM\...\{DE14CE7D-2B71-41E0-8BE1-621DD49971FC}) (Version: 2.1.0 - DxO)
ESET Security (HKLM\...\{3B6E8FD7-0C63-47D7-A118-17AB1581EE3A}) (Version: 11.0.120.0 - ESET, spol. s r.o.)
EyeTV Netstream for Windows Media Center (HKLM-x32\...\EyeTV Netstream Service) (Version: 1.01.00.16 - Elgato Systems GmbH)
Formix SE - formuláře kanceláře (HKLM-x32\...\Formix SE_is1) (Version: - Martin Roubec)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
KaM - The Peasants Rebellion (HKLM-x32\...\KaM - The Peasants Rebellion) (Version: - )
KaM Remake Full r6720 (HKLM-x32\...\{FDE049C8-E4B2-4EB5-A534-CF5C581F5D32}_is1) (Version: - )
K-Lite Mega Codec Pack 14.4.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.4.0 - KLCP)
Kodek 0.16 CZ (HKLM-x32\...\{6C28B15F-B09D-407E-BE92-AC928E1CE4E2}_is1) (Version: 0.16 - Pinky.cz)
Kuki (HKU\S-1-5-21-618738485-2318971794-796116561-1001\...\Kuki) (Version: 20160616.000 - SMART Comp. a.s.)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.11328.20158 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-618738485-2318971794-796116561-1001\...\OneDriveSetup.exe) (Version: 19.012.0121.0011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{4cadd82e-f9f2-4f69-bcfd-a0b929d8e6e2}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Movavi Video Converter 18 Premium (HKLM-x32\...\Movavi Video Converter 18 Premium) (Version: 18.4.0 - Movavi)
Movavi Video Converter 18 Premium verze Verzia 18 (HKLM-x32\...\{F20A5760-7FCB-4C99-8FA9-7594EA6EC500}_is1) (Version: Verzia 18 - My Company, Inc.)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Network Print Monitor for Windows (HKLM-x32\...\Network Print Monitor) (Version: - )
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.3.0 - Nikon Corporation)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.8.3 - Nikon)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Ogg Vorbis ACM Codec (HKLM-x32\...\VorbisCodec) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PC Štítky 2.xx (HKLM-x32\...\PC Štítky 2.xx_is1) (Version: - LAN Consult, spol. s r.o.)
Photo Story 3 pro Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.10 - Microsoft Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.16 - Nikon)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.115.3 - proDAD GmbH)
ProShow Gold (HKLM-x32\...\ProShow Gold) (Version: - Photodex Corporation)
ProShow Plugins for Lightroom (HKLM-x32\...\ProShow Plugins for Lightroom) (Version: - )
Puzznic 1.5 (HKLM-x32\...\Puzznic_is1) (Version: - ZX Games)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7730 - Realtek Semiconductor Corp.)
Recepty doma (HKLM-x32\...\Recepty doma_is1) (Version: - Martin Roubec)
SharePort Plus (HKLM\...\SharePort Plus) (Version: 4.5.0 R1 - D-Link Corporation)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 12.2.0 - ShareX Team)
Spectaculator 5.3 (HKLM-x32\...\{C8C61BA0-F07E-4240-B5B0-669988B3A51A}) (Version: 5.30.371 - spectaculator.com)
Spectaculator 8.0 (HKLM-x32\...\{B21AE9DA-E837-4F82-B061-7848B4F3096B}) (Version: 8.0.0.3092 - spectaculator.com)
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
the Free Unix Spectrum Emulator (Fuse) 1.5.7 (HKLM-x32\...\Fuse) (Version: 1.5.7 - )
TMPGEnc Authoring Works 5 (HKLM-x32\...\{3B2A7C83-EFAE-4FC1-BF6B-500042E8B17A}) (Version: 5.0.8.26 - Pegasys Inc.)
TMPGEnc Authoring Works 5 Premium Theme Pack 1 (HKLM-x32\...\{5D314FE3-3D51-4C46-9514-8B0A28F7AF77}) (Version: 1.0.0.0 - Pegasys Inc.)
TMPGEnc Authoring Works 5 Theme Pack 1 (HKLM-x32\...\{929EAD99-9874-43BF-B3F4-5F5D2D9D66A9}) (Version: 1.0.0.0 - Pegasys Inc.)
TMPGEnc Authoring Works 5 Theme Pack 2 (HKLM-x32\...\{5ECF915E-710A-441E-A7CB-1E599A61D34F}) (Version: 1.0.0.0 - Pegasys Inc.)
TMPGEnc Authoring Works 5 Theme Pack 3 (HKLM-x32\...\{504C5775-4DD4-40A6-84EA-2837EBC5D268}) (Version: 1.0.0.0 - Pegasys Inc.)
TMPGEnc Authoring Works 5 Theme Pack 4 (HKLM-x32\...\{081872FE-8932-42E9-B3CE-CE85C477790E}) (Version: 1.0.0.0 - Pegasys Inc.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
TotalTV Player (HKLM-x32\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.32.4 - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.8.3 - Nikon)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{5ea95ccc-fc68-4182-88a9-e563ba3900ed}) (Version: 2.0.0.26 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{893C7059-0464-47FB-85A4-5E1ADDA56141}) (Version: 2.0.0.26 - Western Digital Technologies, Inc.) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinUAE 64-bit 4.0.0 (HKLM\...\{3F3C6C30-B791-4DD5-ABEF-48F424366039}) (Version: 4.0.0.0 - Arabuusimiehet)
Zoner Photo Studio 15 (HKLM\...\ZonerPhotoStudio15_CZ_is1) (Version: 15.0.1.2 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-618738485-2318971794-796116561-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-618738485-2318971794-796116561-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-03-18] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-03-18] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-03-18] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {011B1B4B-AD59-41A1-81DD-0066619438F3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {0210F1A7-36F7-4721-80AC-711B15134F2C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {3BD18A82-6C17-4A83-B7D1-F0EEB394860A} - System32\Tasks\allshare => C:\Users\matus\Downloads\AllSharePCSW.exe
Task: {4C97623A-D2AB-486B-8EBB-ACD9694192F1} - System32\Tasks\S-1-5-21-618738485-2318971794-796116561-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (Microsoft Windows -> Microsoft Corporation)
Task: {6418A6B3-67C3-4367-A632-499038B5CDE0} - System32\Tasks\klcp_update => CodecTweakTool.exe
Task: {7116671D-FC5D-4DA1-8697-B4F715967895} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {74FC8605-D353-427B-9321-87FFDDDDB972} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {8AAF4279-B5A1-45A5-B904-A0E1584E0FB0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {978F3DA1-9D83-4397-80F4-6B4298C31BE8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {9E34E4F4-0BBF-4F99-BEBC-D3D9BDF60DC8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {CCBE5ACD-19AD-42C4-9BBE-1B6923A81D06} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {FD7D3E64-CB54-4D42-86F5-087AE71093AC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-10-10 11:56 - 2013-06-26 23:36 - 000368640 _____ (AVerMedia) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
2017-09-06 16:20 - 2011-03-25 04:15 - 000049152 ____N () [File not signed] C:\Program Files\D-Link\SharePort Plus\Spnuhelper.exe
2013-04-15 09:06 - 2013-04-15 09:06 - 000032768 _____ ( ) [File not signed] C:\Program Files (x86)\Elgato\EyeTV Netstream\Interop.NetFwTypeLib.dll
2013-04-15 09:06 - 2013-04-15 09:06 - 000014848 _____ ( ) [File not signed] C:\Program Files (x86)\Elgato\EyeTV Netstream\Interop.UPNPLib.dll
2017-10-10 11:56 - 2013-08-16 22:15 - 000772096 _____ () [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2017-10-10 11:56 - 2013-08-16 22:10 - 000163840 _____ () [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
2017-10-10 11:56 - 2013-08-16 22:12 - 000675840 _____ (AVerMedia TECHNOLOGIES, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
2017-09-06 16:20 - 2014-06-30 12:07 - 000314880 ____N () [File not signed] C:\Program Files\D-Link\SharePort Plus\Svlscapi.dll
2017-09-06 16:20 - 2013-12-04 10:58 - 001553408 ____N (D-Link Corp.) [File not signed] C:\Program Files\D-Link\SharePort Plus\Themes\Dsptheme.dll
2015-11-15 04:58 - 2018-11-20 16:32 - 001325240 _____ (Power Technology -> ) [File not signed] C:\Program Files (x86)\DFX\DFX.exe
2018-01-20 15:53 - 2018-06-22 12:30 - 001865728 _____ (ShareX Team) [File not signed] C:\Program Files\ShareX\ShareX.exe
2017-10-10 11:56 - 2015-02-09 20:32 - 000770048 _____ (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\GraphMaster.dll
2017-10-10 11:56 - 2015-02-16 21:13 - 000194048 _____ (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\CardID.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:CD30FA91 [360]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2017-12-24 14:35 - 000000898 _____ C:\WINDOWS\system32\drivers\etc\hosts

0.0.0.0 pubads.g.doubleclick.net
0.0.0.0 securepubads.g.doubleclick.net

2017-09-06 18:49 - 2018-12-18 16:26 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-618738485-2318971794-796116561-1001\Control Panel\Desktop\\Wallpaper -> C:\DSC01842.JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AF41BABC-EB80-412E-9FF8-CD0ACFAD2276}] => (Allow) C:\Program Files (x86)\Kuki\addons\skin.netboxkuki\proxies\proxy2.exe () [File not signed]
FirewallRules: [{B8D6DDE3-2B3A-4FA3-B8C4-5A52517A3BC8}] => (Allow) C:\Program Files (x86)\Kuki\addons\skin.netboxkuki\proxies\proxy2.exe () [File not signed]
FirewallRules: [{20B7320F-9C17-4178-8A18-41EB48C7521E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Settlers Online\nw.exe No File
FirewallRules: [{30B0CD88-6C78-4EA1-84F2-F42B44FB16FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Settlers Online\nw.exe No File
FirewallRules: [{AD8CED47-001A-4E7D-87E1-BA714827A15E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Capitalism 2\Cap2.exe No File
FirewallRules: [{355626D9-B0D0-45D4-A2BC-32EB3FF43070}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Capitalism 2\Cap2.exe No File
FirewallRules: [{B5803D40-607C-40BD-BF16-4DEBE62B49EA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{B5420EB0-4AC8-41B4-B721-25A0DD2DB67A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{5ACBFBB3-1763-442D-95C3-95005A401FF2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{40DAE94F-A420-494E-B05A-51B07130B2C6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [UDP Query User{FC9E63E4-7BB0-4679-90AE-ED316F15A24F}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [TCP Query User{E48B2C74-EBA4-47B9-AFEA-9ACEA19CBE86}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [{FE987606-528F-4533-A2B4-8E43360D44D2}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe No File
FirewallRules: [{BC71DE09-D00B-4449-9BAA-39454FAB9418}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe No File
FirewallRules: [{3BDB9EA1-38D4-4050-A37C-AE2F9FEA63FF}] => (Allow) C:\Users\matus\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe No File
FirewallRules: [{6951D574-7D93-4904-ACA4-E461BCAE3625}] => (Allow) C:\Users\matus\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe No File
FirewallRules: [UDP Query User{0334164D-5921-4DA9-B85B-0B4655B604F7}C:\users\matus\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\matus\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [TCP Query User{62CA0A2E-53D1-4542-A67E-2F7A02848F53}C:\users\matus\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\matus\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [UDP Query User{587C10ED-07BE-4964-9C53-7559841441FE}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe No File
FirewallRules: [TCP Query User{CC8E214E-4343-43B8-9521-4B4DC27F76CB}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe No File
FirewallRules: [{92FCA0C6-DDA5-47D8-9BDD-A6945F36EF0F}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe No File
FirewallRules: [{F8AB0587-FF3B-4076-9469-5B2C2CB074F3}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe No File
FirewallRules: [{0BA10FF4-D71A-4D25-AE7D-D75948C75EA8}] => (Allow) LPort=8743
FirewallRules: [{D0AE0B83-6B03-417A-8D43-5A2D9A91D3CB}] => (Allow) LPort=8643
FirewallRules: [{6A71AF7C-7ADB-4FF6-BB58-81D4FE6246F3}] => (Allow) LPort=7676
FirewallRules: [{895AA4BB-784C-422A-A2CA-26C662DC94E1}] => (Allow) LPort=7679
FirewallRules: [{08D04F16-DF6B-41A7-8BEF-0C475D748A89}] => (Allow) LPort=24234
FirewallRules: [{E94FBF68-7A2A-4BDF-87D8-89534B0800A3}] => (Allow) LPort=7900
FirewallRules: [{8B0F7792-A34B-4DB7-BE86-A1DEC2824416}] => (Allow) LPort=1900
FirewallRules: [{74D8855E-CEC9-41AF-B10A-B432914E0066}] => (Allow) C:\Program Files\D-Link\SharePort Plus\SharePortPlus.exe (D-LINK CORPORATION -> D-Link Corp.)
FirewallRules: [{A3DBCE77-0926-494A-8AFA-0D285718AAF6}] => (Allow) LPort=19540
FirewallRules: [{B9D50A82-21A2-46F0-9FAB-E189E67DDF48}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe No File
FirewallRules: [{7A892F73-47E9-4CB6-B1C3-02742B40DFEF}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe No File
FirewallRules: [{E55B57B8-A950-4AE1-9030-338948C0A816}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe No File
FirewallRules: [TCP Query User{CDFFB115-DFFC-441F-BE5D-A9127F6C1567}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [UDP Query User{60206806-F9BD-4B13-90E5-D5A20D82F021}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [TCP Query User{3D6A993C-7BE4-428D-9367-EEA7F10501AD}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [UDP Query User{5C68D532-F789-4F05-B2C8-1AC6F4FD0F65}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [TCP Query User{5CB81A67-5F66-4C27-A450-2A91C6881614}C:\program files (x86)\photodex\proshow gold\proshow.exe] => (Block) C:\program files (x86)\photodex\proshow gold\proshow.exe (Photodex Corporation -> Photodex)
FirewallRules: [UDP Query User{3148B70F-8759-48BE-AF44-6D5CC79F934A}C:\program files (x86)\photodex\proshow gold\proshow.exe] => (Block) C:\program files (x86)\photodex\proshow gold\proshow.exe (Photodex Corporation -> Photodex)
FirewallRules: [TCP Query User{05EE6172-851A-447A-AD3B-63B21A412D4D}C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe] => (Allow) C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe No File
FirewallRules: [UDP Query User{DC9285F3-5276-46E1-A0D5-87A44B28A402}C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe] => (Allow) C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe No File
FirewallRules: [TCP Query User{D5CD366E-F688-4E82-B179-B0530BC21377}C:\program files (x86)\network print monitor\pswizard-lpr.exe] => (Allow) C:\program files (x86)\network print monitor\pswizard-lpr.exe () [File not signed]
FirewallRules: [UDP Query User{EBDC1CCF-B409-4C2C-8A18-002EC0E7902B}C:\program files (x86)\network print monitor\pswizard-lpr.exe] => (Allow) C:\program files (x86)\network print monitor\pswizard-lpr.exe () [File not signed]
FirewallRules: [{88AE1167-35CF-4A3C-B1A4-C809BEB2BE59}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{00B7F292-9D74-46DC-AF0F-8C10C85A8925}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{2DD7A42F-D4EF-4138-B548-563D6F97AAFE}C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe] => (Block) C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe No File
FirewallRules: [UDP Query User{F4FC2043-1FC5-4123-881F-BB886342DFF0}C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe] => (Block) C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe No File
FirewallRules: [TCP Query User{FEFA130F-501B-45D9-905A-C12FA4AB3305}C:\program files (x86)\gruntmods studios\dune 2000\dune2000.dat] => (Allow) C:\program files (x86)\gruntmods studios\dune 2000\dune2000.dat No File
FirewallRules: [UDP Query User{0CFEDBFD-3E26-407A-8892-910112616C75}C:\program files (x86)\gruntmods studios\dune 2000\dune2000.dat] => (Allow) C:\program files (x86)\gruntmods studios\dune 2000\dune2000.dat No File
FirewallRules: [TCP Query User{1BB026D5-623D-4753-92EC-1E336206C227}C:\program files (x86)\photodex\proshow producer\proshow.exe] => (Allow) C:\program files (x86)\photodex\proshow producer\proshow.exe No File
FirewallRules: [UDP Query User{C21C1074-E4E9-4366-9D8A-CF434B46A9FA}C:\program files (x86)\photodex\proshow producer\proshow.exe] => (Allow) C:\program files (x86)\photodex\proshow producer\proshow.exe No File
FirewallRules: [{A6580990-CC9F-4AF9-A95A-E8F5A16FE6D1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD.exe No File
FirewallRules: [{6DED1D24-CFD5-4E7B-BFF4-CF6A123F436E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\Kernel\DMS\CLMSServerPDVD18.exe No File
FirewallRules: [{1A7DA661-770A-4C65-B5CB-01025BBAD66A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD18Agent.exe No File
FirewallRules: [{4B8C472B-A040-4B07-BE17-97ACF57E251B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\Movie\PowerDVDMovie.exe No File
FirewallRules: [{3493122D-66EA-4285-8902-9061F70F4D35}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\CastingStation.exe No File
FirewallRules: [{A0478BC1-EEFE-4C71-8AFD-A36146DA44BC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{D380BECC-3FF8-4A7C-98F2-E0DCA5D7F84A}C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe] => (Block) C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe No File
FirewallRules: [UDP Query User{F0D28D04-75B9-4BFC-B6CC-4CEA0C970576}C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe] => (Block) C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe No File
FirewallRules: [{5D3678F5-717A-4CD2-810D-D14C8BDED05F}] => (Allow) C:\Users\matus\AppData\Roaming\server.exe No File
FirewallRules: [{C560DA77-0417-445B-B3B1-E7FA7ABF0AD6}] => (Allow) C:\Users\matus\AppData\Roaming\server.exe No File
FirewallRules: [{2C0C7B16-8D25-4834-BC83-D62A4ED96405}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4338B3B7-68D1-46CF-850E-DB4F9D92CBF1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0550766C-8990-4F90-A228-C397A2B7EA83}] => (Allow) C:\Program Files (x86)\Geniatech\TotalTV Player\InstTool.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{1793B47C-65BE-4CC3-AED5-309D3104443E}] => (Allow) C:\Program Files (x86)\Geniatech\TotalTV Player\InstTool.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{6DAEF2CA-BEE8-477A-8D3A-140551442F50}] => (Allow) C:\Program Files (x86)\Geniatech\TotalTV Player\CinergyDvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{7FD0398F-ED20-44FB-8A02-E2B88379831A}] => (Allow) C:\Program Files (x86)\Geniatech\TotalTV Player\CinergyDvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{E155F248-A43A-42CE-937B-191572D3F090}] => (Allow) C:\Program Files (x86)\Geniatech\TotalTV Player\VersionCheck\VersionCheck.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{4BB3EC4D-4963-4B2C-BE83-3513CE0DD584}] => (Allow) C:\Program Files (x86)\Geniatech\TotalTV Player\VersionCheck\VersionCheck.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{5AEF9EEE-E909-4500-BAD5-84282C774C92}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A37DE521-8669-45D2-A802-89AD4E61DCAB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{7991E652-F01D-46F1-B3D0-AF0EE136AAC2}C:\program files (x86)\geniatech\totaltv player\cinergydvr.exe] => (Allow) C:\program files (x86)\geniatech\totaltv player\cinergydvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [UDP Query User{E6A6F1CA-4FFA-4382-8416-1E98DCEAC80C}C:\program files (x86)\geniatech\totaltv player\cinergydvr.exe] => (Allow) C:\program files (x86)\geniatech\totaltv player\cinergydvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [TCP Query User{3236FB93-E881-4935-850D-24BA244C10AA}C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe] => (Allow) C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe No File
FirewallRules: [UDP Query User{596F0AE8-386A-4074-BA15-923BDD31E665}C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe] => (Allow) C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe No File
FirewallRules: [TCP Query User{D19B695A-6B82-4A88-86A6-F23D7F26BDE7}C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe] => (Allow) C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe No File
FirewallRules: [UDP Query User{763E5098-9693-4323-A2FF-A1A208A4ABE4}C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe] => (Allow) C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe No File
FirewallRules: [{E68295E4-D7AF-42FF-92D5-43E235862730}] => (Allow) C:\Program Files\CyberLink\PowerDirector16\PDR10.EXE No File
FirewallRules: [{FB6ADE5D-E6C6-4A15-A065-B041DD0B558A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{104639E9-8400-4310-BC61-C6F8103796C7}] => (Allow) %SystemRoot%\ehome\ehrecvr.exe No File

==================== Restore Points =========================

03-03-2019 14:24:50 Windows Update
18-03-2019 15:15:22 Windows Update

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/20/2019 03:26:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.17134.1, časové razítko: 0x22d334aa
Název chybujícího modulu: combase.dll, verze: 10.0.17134.523, časové razítko: 0x28000460
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000b5d10
ID chybujícího procesu: 0x1b50
Čas spuštění chybující aplikace: 0x01d4df235c6ab2de
Cesta k chybující aplikaci: C:\WINDOWS\system32\wuauclt.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: be219b8a-3b1e-443a-afb9-61f279e413c1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/20/2019 02:09:25 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/20/2019 02:06:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 167613047

Error: (03/20/2019 02:06:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 167613047

Error: (03/20/2019 02:06:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/18/2019 03:32:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1640

Error: (03/18/2019 03:32:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1640

Error: (03/18/2019 03:32:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (03/20/2019 03:29:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/20/2019 03:29:03 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QCNA7PB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscCloudBackupProvider
a APPID
Není k dispozici
uživateli DESKTOP-QCNA7PB\matus (SID: S-1-5-21-618738485-2318971794-796116561-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/20/2019 03:29:01 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QCNA7PB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscCloudBackupProvider
a APPID
Není k dispozici
uživateli DESKTOP-QCNA7PB\matus (SID: S-1-5-21-618738485-2318971794-796116561-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/20/2019 03:28:59 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QCNA7PB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscCloudBackupProvider
a APPID
Není k dispozici
uživateli DESKTOP-QCNA7PB\matus (SID: S-1-5-21-618738485-2318971794-796116561-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/20/2019 03:28:59 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QCNA7PB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscCloudBackupProvider
a APPID
Není k dispozici
uživateli DESKTOP-QCNA7PB\matus (SID: S-1-5-21-618738485-2318971794-796116561-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/20/2019 03:28:42 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QCNA7PB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-QCNA7PB\matus (SID: S-1-5-21-618738485-2318971794-796116561-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/20/2019 03:27:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/20/2019 03:27:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================

Date: 2019-03-20 16:07:32.284
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-20 16:07:32.281
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-20 16:07:30.507
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-20 16:07:30.504
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-20 16:07:22.627
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-20 16:07:22.624
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-20 16:07:18.049
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-03-20 16:07:18.045
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: AMD A8-7410 APU with AMD Radeon R5 Graphics
Percentage of memory in use: 59%
Total physical RAM: 3518.88 MB
Available physical RAM: 1414.87 MB
Total Virtual: 4158.88 MB
Available Virtual: 1775.54 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.06 GB) (Free:59.52 GB) NTFS

\\?\Volume{b43d61db-c560-4a32-aca9-d31640847cfc}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{6d0efb9f-1fbc-45ac-8164-b24bf57fa9a5}\ () (Fixed) (Total:0.86 GB) (Free:0.38 GB) NTFS
\\?\Volume{6b087b33-927b-45cb-9213-bee70815187d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu logu zda se mi počitač pomalý

#6 Příspěvek od Diallix »

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše


HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [588288 2016-01-08] (Nikon Corporation) [File not signed]
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2309008 2017-11-14] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-618738485-2318971794-796116561-1001\...\MountPoints2: {66e3cd4a-74e1-11e8-a507-e09467f6a030} - "E:\TOPSTART.EXE" 
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR HKU\S-1-5-21-618738485-2318971794-796116561-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch4\ChromeConnector\ChromeConnector.crx <not found>
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
Task: {0210F1A7-36F7-4721-80AC-711B15134F2C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {3BD18A82-6C17-4A83-B7D1-F0EEB394860A} - System32\Tasks\allshare => C:\Users\matus\Downloads\AllSharePCSW.exe
Task: {6418A6B3-67C3-4367-A632-499038B5CDE0} - System32\Tasks\klcp_update => CodecTweakTool.exe
Task: {FD7D3E64-CB54-4D42-86F5-087AE71093AC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
AlternateDataStreams: C:\ProgramData\Temp:CD30FA91 [360]
FirewallRules: [{30B0CD88-6C78-4EA1-84F2-F42B44FB16FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Settlers Online\nw.exe No File
FirewallRules: [{AD8CED47-001A-4E7D-87E1-BA714827A15E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Capitalism 2\Cap2.exe No File
FirewallRules: [{355626D9-B0D0-45D4-A2BC-32EB3FF43070}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Capitalism 2\Cap2.exe No File
FirewallRules: [{B5803D40-607C-40BD-BF16-4DEBE62B49EA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{B5420EB0-4AC8-41B4-B721-25A0DD2DB67A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{5ACBFBB3-1763-442D-95C3-95005A401FF2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{40DAE94F-A420-494E-B05A-51B07130B2C6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [UDP Query User{FC9E63E4-7BB0-4679-90AE-ED316F15A24F}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [TCP Query User{E48B2C74-EBA4-47B9-AFEA-9ACEA19CBE86}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [{FE987606-528F-4533-A2B4-8E43360D44D2}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe No File
FirewallRules: [{BC71DE09-D00B-4449-9BAA-39454FAB9418}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe No File
FirewallRules: [{3BDB9EA1-38D4-4050-A37C-AE2F9FEA63FF}] => (Allow) C:\Users\matus\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe No File
FirewallRules: [{6951D574-7D93-4904-ACA4-E461BCAE3625}] => (Allow) C:\Users\matus\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe No File
FirewallRules: [UDP Query User{0334164D-5921-4DA9-B85B-0B4655B604F7}C:\users\matus\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\matus\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [TCP Query User{62CA0A2E-53D1-4542-A67E-2F7A02848F53}C:\users\matus\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\matus\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [UDP Query User{587C10ED-07BE-4964-9C53-7559841441FE}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe No File
FirewallRules: [TCP Query User{CC8E214E-4343-43B8-9521-4B4DC27F76CB}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe No File
FirewallRules: [{92FCA0C6-DDA5-47D8-9BDD-A6945F36EF0F}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe No File
FirewallRules: [{F8AB0587-FF3B-4076-9469-5B2C2CB074F3}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe No File
FirewallRules: [{0BA10FF4-D71A-4D25-AE7D-D75948C75EA8}] => (Allow) LPort=8743
FirewallRules: [{D0AE0B83-6B03-417A-8D43-5A2D9A91D3CB}] => (Allow) LPort=8643
FirewallRules: [{6A71AF7C-7ADB-4FF6-BB58-81D4FE6246F3}] => (Allow) LPort=7676
FirewallRules: [{895AA4BB-784C-422A-A2CA-26C662DC94E1}] => (Allow) LPort=7679
FirewallRules: [{08D04F16-DF6B-41A7-8BEF-0C475D748A89}] => (Allow) LPort=24234
FirewallRules: [{E94FBF68-7A2A-4BDF-87D8-89534B0800A3}] => (Allow) LPort=7900
FirewallRules: [{8B0F7792-A34B-4DB7-BE86-A1DEC2824416}] => (Allow) LPort=1900
FirewallRules: [{A3DBCE77-0926-494A-8AFA-0D285718AAF6}] => (Allow) LPort=19540
FirewallRules: [{B9D50A82-21A2-46F0-9FAB-E189E67DDF48}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe No File
FirewallRules: [{7A892F73-47E9-4CB6-B1C3-02742B40DFEF}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe No File
FirewallRules: [{E55B57B8-A950-4AE1-9030-338948C0A816}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe No File
FirewallRules: [TCP Query User{CDFFB115-DFFC-441F-BE5D-A9127F6C1567}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [UDP Query User{60206806-F9BD-4B13-90E5-D5A20D82F021}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [TCP Query User{3D6A993C-7BE4-428D-9367-EEA7F10501AD}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [UDP Query User{5C68D532-F789-4F05-B2C8-1AC6F4FD0F65}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [TCP Query User{05EE6172-851A-447A-AD3B-63B21A412D4D}C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe] => (Allow) C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe No File
FirewallRules: [UDP Query User{DC9285F3-5276-46E1-A0D5-87A44B28A402}C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe] => (Allow) C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe No File
FirewallRules: [TCP Query User{2DD7A42F-D4EF-4138-B548-563D6F97AAFE}C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe] => (Block) C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe No File
FirewallRules: [UDP Query User{F4FC2043-1FC5-4123-881F-BB886342DFF0}C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe] => (Block) C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe No File
FirewallRules: [TCP Query User{FEFA130F-501B-45D9-905A-C12FA4AB3305}C:\program files (x86)\gruntmods studios\dune 2000\dune2000.dat] => (Allow) C:\program files (x86)\gruntmods studios\dune 2000\dune2000.dat No File
FirewallRules: [UDP Query User{0CFEDBFD-3E26-407A-8892-910112616C75}C:\program files (x86)\gruntmods studios\dune 2000\dune2000.dat] => (Allow) C:\program files (x86)\gruntmods studios\dune 2000\dune2000.dat No File
FirewallRules: [TCP Query User{1BB026D5-623D-4753-92EC-1E336206C227}C:\program files (x86)\photodex\proshow producer\proshow.exe] => (Allow) C:\program files (x86)\photodex\proshow producer\proshow.exe No File
FirewallRules: [UDP Query User{C21C1074-E4E9-4366-9D8A-CF434B46A9FA}C:\program files (x86)\photodex\proshow producer\proshow.exe] => (Allow) C:\program files (x86)\photodex\proshow producer\proshow.exe No File
FirewallRules: [{A6580990-CC9F-4AF9-A95A-E8F5A16FE6D1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD.exe No File
FirewallRules: [{6DED1D24-CFD5-4E7B-BFF4-CF6A123F436E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\Kernel\DMS\CLMSServerPDVD18.exe No File
FirewallRules: [{1A7DA661-770A-4C65-B5CB-01025BBAD66A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD18Agent.exe No File
FirewallRules: [{4B8C472B-A040-4B07-BE17-97ACF57E251B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\Movie\PowerDVDMovie.exe No File
FirewallRules: [{3493122D-66EA-4285-8902-9061F70F4D35}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\CastingStation.exe No File
FirewallRules: [TCP Query User{D380BECC-3FF8-4A7C-98F2-E0DCA5D7F84A}C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe] => (Block) C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe No File
FirewallRules: [UDP Query User{F0D28D04-75B9-4BFC-B6CC-4CEA0C970576}C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe] => (Block) C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe No File
FirewallRules: [{5D3678F5-717A-4CD2-810D-D14C8BDED05F}] => (Allow) C:\Users\matus\AppData\Roaming\server.exe No File
FirewallRules: [{C560DA77-0417-445B-B3B1-E7FA7ABF0AD6}] => (Allow) C:\Users\matus\AppData\Roaming\server.exe No File
FirewallRules: [TCP Query User{3236FB93-E881-4935-850D-24BA244C10AA}C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe] => (Allow) C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe No File
FirewallRules: [UDP Query User{596F0AE8-386A-4074-BA15-923BDD31E665}C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe] => (Allow) C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe No File
FirewallRules: [TCP Query User{D19B695A-6B82-4A88-86A6-F23D7F26BDE7}C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe] => (Allow) C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe No File
FirewallRules: [UDP Query User{763E5098-9693-4323-A2FF-A1A208A4ABE4}C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe] => (Allow) C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe No File
FirewallRules: [{E68295E4-D7AF-42FF-92D5-43E235862730}] => (Allow) C:\Program Files\CyberLink\PowerDirector16\PDR10.EXE No File
FirewallRules: [{FB6ADE5D-E6C6-4A15-A065-B041DD0B558A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{104639E9-8400-4310-BC61-C6F8103796C7}] => (Allow) %SystemRoot%\ehome\ehrecvr.exe No File

EmptyTemp:
Hosts:

Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Ondra1063
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 20 bře 2019 14:30

Re: Prosím o kontrolu logu zda se mi počitač pomalý

#7 Příspěvek od Ondra1063 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by matus (21-03-2019 18:21:03) Run:1
Running from C:\Users\matus\Desktop
Loaded Profiles: matus (Available Profiles: matus)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [588288 2016-01-08] (Nikon Corporation) [File not signed]
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2309008 2017-11-14] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-618738485-2318971794-796116561-1001\...\MountPoints2: {66e3cd4a-74e1-11e8-a507-e09467f6a030} - "E:\TOPSTART.EXE"
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR HKU\S-1-5-21-618738485-2318971794-796116561-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch4\ChromeConnector\ChromeConnector.crx <not found>
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
Task: {0210F1A7-36F7-4721-80AC-711B15134F2C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {3BD18A82-6C17-4A83-B7D1-F0EEB394860A} - System32\Tasks\allshare => C:\Users\matus\Downloads\AllSharePCSW.exe
Task: {6418A6B3-67C3-4367-A632-499038B5CDE0} - System32\Tasks\klcp_update => CodecTweakTool.exe
Task: {FD7D3E64-CB54-4D42-86F5-087AE71093AC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
AlternateDataStreams: C:\ProgramData\Temp:CD30FA91 [360]
FirewallRules: [{30B0CD88-6C78-4EA1-84F2-F42B44FB16FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Settlers Online\nw.exe No File
FirewallRules: [{AD8CED47-001A-4E7D-87E1-BA714827A15E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Capitalism 2\Cap2.exe No File
FirewallRules: [{355626D9-B0D0-45D4-A2BC-32EB3FF43070}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Capitalism 2\Cap2.exe No File
FirewallRules: [{B5803D40-607C-40BD-BF16-4DEBE62B49EA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{B5420EB0-4AC8-41B4-B721-25A0DD2DB67A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{5ACBFBB3-1763-442D-95C3-95005A401FF2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{40DAE94F-A420-494E-B05A-51B07130B2C6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [UDP Query User{FC9E63E4-7BB0-4679-90AE-ED316F15A24F}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [TCP Query User{E48B2C74-EBA4-47B9-AFEA-9ACEA19CBE86}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [{FE987606-528F-4533-A2B4-8E43360D44D2}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe No File
FirewallRules: [{BC71DE09-D00B-4449-9BAA-39454FAB9418}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe No File
FirewallRules: [{3BDB9EA1-38D4-4050-A37C-AE2F9FEA63FF}] => (Allow) C:\Users\matus\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe No File
FirewallRules: [{6951D574-7D93-4904-ACA4-E461BCAE3625}] => (Allow) C:\Users\matus\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe No File
FirewallRules: [UDP Query User{0334164D-5921-4DA9-B85B-0B4655B604F7}C:\users\matus\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\matus\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [TCP Query User{62CA0A2E-53D1-4542-A67E-2F7A02848F53}C:\users\matus\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\matus\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [UDP Query User{587C10ED-07BE-4964-9C53-7559841441FE}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe No File
FirewallRules: [TCP Query User{CC8E214E-4343-43B8-9521-4B4DC27F76CB}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe No File
FirewallRules: [{92FCA0C6-DDA5-47D8-9BDD-A6945F36EF0F}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe No File
FirewallRules: [{F8AB0587-FF3B-4076-9469-5B2C2CB074F3}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe No File
FirewallRules: [{0BA10FF4-D71A-4D25-AE7D-D75948C75EA8}] => (Allow) LPort=8743
FirewallRules: [{D0AE0B83-6B03-417A-8D43-5A2D9A91D3CB}] => (Allow) LPort=8643
FirewallRules: [{6A71AF7C-7ADB-4FF6-BB58-81D4FE6246F3}] => (Allow) LPort=7676
FirewallRules: [{895AA4BB-784C-422A-A2CA-26C662DC94E1}] => (Allow) LPort=7679
FirewallRules: [{08D04F16-DF6B-41A7-8BEF-0C475D748A89}] => (Allow) LPort=24234
FirewallRules: [{E94FBF68-7A2A-4BDF-87D8-89534B0800A3}] => (Allow) LPort=7900
FirewallRules: [{8B0F7792-A34B-4DB7-BE86-A1DEC2824416}] => (Allow) LPort=1900
FirewallRules: [{A3DBCE77-0926-494A-8AFA-0D285718AAF6}] => (Allow) LPort=19540
FirewallRules: [{B9D50A82-21A2-46F0-9FAB-E189E67DDF48}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe No File
FirewallRules: [{7A892F73-47E9-4CB6-B1C3-02742B40DFEF}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe No File
FirewallRules: [{E55B57B8-A950-4AE1-9030-338948C0A816}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe No File
FirewallRules: [TCP Query User{CDFFB115-DFFC-441F-BE5D-A9127F6C1567}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [UDP Query User{60206806-F9BD-4B13-90E5-D5A20D82F021}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [TCP Query User{3D6A993C-7BE4-428D-9367-EEA7F10501AD}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [UDP Query User{5C68D532-F789-4F05-B2C8-1AC6F4FD0F65}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe No File
FirewallRules: [TCP Query User{05EE6172-851A-447A-AD3B-63B21A412D4D}C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe] => (Allow) C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe No File
FirewallRules: [UDP Query User{DC9285F3-5276-46E1-A0D5-87A44B28A402}C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe] => (Allow) C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe No File
FirewallRules: [TCP Query User{2DD7A42F-D4EF-4138-B548-563D6F97AAFE}C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe] => (Block) C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe No File
FirewallRules: [UDP Query User{F4FC2043-1FC5-4123-881F-BB886342DFF0}C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe] => (Block) C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe No File
FirewallRules: [TCP Query User{FEFA130F-501B-45D9-905A-C12FA4AB3305}C:\program files (x86)\gruntmods studios\dune 2000\dune2000.dat] => (Allow) C:\program files (x86)\gruntmods studios\dune 2000\dune2000.dat No File
FirewallRules: [UDP Query User{0CFEDBFD-3E26-407A-8892-910112616C75}C:\program files (x86)\gruntmods studios\dune 2000\dune2000.dat] => (Allow) C:\program files (x86)\gruntmods studios\dune 2000\dune2000.dat No File
FirewallRules: [TCP Query User{1BB026D5-623D-4753-92EC-1E336206C227}C:\program files (x86)\photodex\proshow producer\proshow.exe] => (Allow) C:\program files (x86)\photodex\proshow producer\proshow.exe No File
FirewallRules: [UDP Query User{C21C1074-E4E9-4366-9D8A-CF434B46A9FA}C:\program files (x86)\photodex\proshow producer\proshow.exe] => (Allow) C:\program files (x86)\photodex\proshow producer\proshow.exe No File
FirewallRules: [{A6580990-CC9F-4AF9-A95A-E8F5A16FE6D1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD.exe No File
FirewallRules: [{6DED1D24-CFD5-4E7B-BFF4-CF6A123F436E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\Kernel\DMS\CLMSServerPDVD18.exe No File
FirewallRules: [{1A7DA661-770A-4C65-B5CB-01025BBAD66A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD18Agent.exe No File
FirewallRules: [{4B8C472B-A040-4B07-BE17-97ACF57E251B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\Movie\PowerDVDMovie.exe No File
FirewallRules: [{3493122D-66EA-4285-8902-9061F70F4D35}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\CastingStation.exe No File
FirewallRules: [TCP Query User{D380BECC-3FF8-4A7C-98F2-E0DCA5D7F84A}C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe] => (Block) C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe No File
FirewallRules: [UDP Query User{F0D28D04-75B9-4BFC-B6CC-4CEA0C970576}C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe] => (Block) C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe No File
FirewallRules: [{5D3678F5-717A-4CD2-810D-D14C8BDED05F}] => (Allow) C:\Users\matus\AppData\Roaming\server.exe No File
FirewallRules: [{C560DA77-0417-445B-B3B1-E7FA7ABF0AD6}] => (Allow) C:\Users\matus\AppData\Roaming\server.exe No File
FirewallRules: [TCP Query User{3236FB93-E881-4935-850D-24BA244C10AA}C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe] => (Allow) C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe No File
FirewallRules: [UDP Query User{596F0AE8-386A-4074-BA15-923BDD31E665}C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe] => (Allow) C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe No File
FirewallRules: [TCP Query User{D19B695A-6B82-4A88-86A6-F23D7F26BDE7}C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe] => (Allow) C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe No File
FirewallRules: [UDP Query User{763E5098-9693-4323-A2FF-A1A208A4ABE4}C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe] => (Allow) C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe No File
FirewallRules: [{E68295E4-D7AF-42FF-92D5-43E235862730}] => (Allow) C:\Program Files\CyberLink\PowerDirector16\PDR10.EXE No File
FirewallRules: [{FB6ADE5D-E6C6-4A15-A065-B041DD0B558A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{104639E9-8400-4310-BC61-C6F8103796C7}] => (Allow) %SystemRoot%\ehome\ehrecvr.exe No File

EmptyTemp:
Hosts:

*****************

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Nikon Message Center 2" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DriveUtilitiesHelper" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher" => removed successfully
"HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\WAB Migrate" => removed successfully
"HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\WAB Migrate" => removed successfully
HKU\S-1-5-21-618738485-2318971794-796116561-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{66e3cd4a-74e1-11e8-a507-e09467f6a030} => removed successfully
HKLM\Software\Classes\CLSID\{66e3cd4a-74e1-11e8-a507-e09467f6a030} => not found
"HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE" => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331 => removed successfully
"Chrome NewTab" => removed successfully
HKU\S-1-5-21-618738485-2318971794-796116561-1001\SOFTWARE\Google\Chrome\Extensions\cnnbdaahphjgdgfhliignpepgnbnfomp => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0210F1A7-36F7-4721-80AC-711B15134F2C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0210F1A7-36F7-4721-80AC-711B15134F2C}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3BD18A82-6C17-4A83-B7D1-F0EEB394860A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BD18A82-6C17-4A83-B7D1-F0EEB394860A}" => removed successfully
C:\WINDOWS\System32\Tasks\allshare => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\allshare" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6418A6B3-67C3-4367-A632-499038B5CDE0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6418A6B3-67C3-4367-A632-499038B5CDE0}" => removed successfully
C:\WINDOWS\System32\Tasks\klcp_update => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\klcp_update" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD7D3E64-CB54-4D42-86F5-087AE71093AC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD7D3E64-CB54-4D42-86F5-087AE71093AC}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
C:\ProgramData\Temp => ":CD30FA91" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{30B0CD88-6C78-4EA1-84F2-F42B44FB16FA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AD8CED47-001A-4E7D-87E1-BA714827A15E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{355626D9-B0D0-45D4-A2BC-32EB3FF43070}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B5803D40-607C-40BD-BF16-4DEBE62B49EA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B5420EB0-4AC8-41B4-B721-25A0DD2DB67A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5ACBFBB3-1763-442D-95C3-95005A401FF2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{40DAE94F-A420-494E-B05A-51B07130B2C6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FC9E63E4-7BB0-4679-90AE-ED316F15A24F}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E48B2C74-EBA4-47B9-AFEA-9ACEA19CBE86}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FE987606-528F-4533-A2B4-8E43360D44D2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BC71DE09-D00B-4449-9BAA-39454FAB9418}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3BDB9EA1-38D4-4050-A37C-AE2F9FEA63FF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6951D574-7D93-4904-ACA4-E461BCAE3625}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0334164D-5921-4DA9-B85B-0B4655B604F7}C:\users\matus\appdata\roaming\spotify\spotify.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{62CA0A2E-53D1-4542-A67E-2F7A02848F53}C:\users\matus\appdata\roaming\spotify\spotify.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{587C10ED-07BE-4964-9C53-7559841441FE}C:\program files (x86)\kodi\kodi.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CC8E214E-4343-43B8-9521-4B4DC27F76CB}C:\program files (x86)\kodi\kodi.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{92FCA0C6-DDA5-47D8-9BDD-A6945F36EF0F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F8AB0587-FF3B-4076-9469-5B2C2CB074F3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0BA10FF4-D71A-4D25-AE7D-D75948C75EA8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D0AE0B83-6B03-417A-8D43-5A2D9A91D3CB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6A71AF7C-7ADB-4FF6-BB58-81D4FE6246F3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{895AA4BB-784C-422A-A2CA-26C662DC94E1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{08D04F16-DF6B-41A7-8BEF-0C475D748A89}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E94FBF68-7A2A-4BDF-87D8-89534B0800A3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8B0F7792-A34B-4DB7-BE86-A1DEC2824416}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A3DBCE77-0926-494A-8AFA-0D285718AAF6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B9D50A82-21A2-46F0-9FAB-E189E67DDF48}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7A892F73-47E9-4CB6-B1C3-02742B40DFEF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E55B57B8-A950-4AE1-9030-338948C0A816}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CDFFB115-DFFC-441F-BE5D-A9127F6C1567}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{60206806-F9BD-4B13-90E5-D5A20D82F021}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3D6A993C-7BE4-428D-9367-EEA7F10501AD}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5C68D532-F789-4F05-B2C8-1AC6F4FD0F65}C:\program files\windowsapps\xbmcfoundation.kodi_17.4.0.0_x86__4n2hpmxwrvr6p\kodi.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{05EE6172-851A-447A-AD3B-63B21A412D4D}C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DC9285F3-5276-46E1-A0D5-87A44B28A402}C:\program files (x86)\wondershare\youtube-downloader\allmytube.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2DD7A42F-D4EF-4138-B548-563D6F97AAFE}C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F4FC2043-1FC5-4123-881F-BB886342DFF0}C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FEFA130F-501B-45D9-905A-C12FA4AB3305}C:\program files (x86)\gruntmods studios\dune 2000\dune2000.dat" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0CFEDBFD-3E26-407A-8892-910112616C75}C:\program files (x86)\gruntmods studios\dune 2000\dune2000.dat" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1BB026D5-623D-4753-92EC-1E336206C227}C:\program files (x86)\photodex\proshow producer\proshow.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C21C1074-E4E9-4366-9D8A-CF434B46A9FA}C:\program files (x86)\photodex\proshow producer\proshow.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A6580990-CC9F-4AF9-A95A-E8F5A16FE6D1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6DED1D24-CFD5-4E7B-BFF4-CF6A123F436E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1A7DA661-770A-4C65-B5CB-01025BBAD66A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4B8C472B-A040-4B07-BE17-97ACF57E251B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3493122D-66EA-4285-8902-9061F70F4D35}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D380BECC-3FF8-4A7C-98F2-E0DCA5D7F84A}C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F0D28D04-75B9-4BFC-B6CC-4CEA0C970576}C:\program files (x86)\gog.com\battle chess special edition\dosbox\dosbox.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5D3678F5-717A-4CD2-810D-D14C8BDED05F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C560DA77-0417-445B-B3B1-E7FA7ABF0AD6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3236FB93-E881-4935-850D-24BA244C10AA}C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{596F0AE8-386A-4074-BA15-923BDD31E665}C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D19B695A-6B82-4A88-86A6-F23D7F26BDE7}C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{763E5098-9693-4323-A2FF-A1A208A4ABE4}C:\program files\windowsapps\deezer.62021768415af_4.0.5.0_x86__q7m17pa7q8kj0\app\deezer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E68295E4-D7AF-42FF-92D5-43E235862730}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FB6ADE5D-E6C6-4A15-A065-B041DD0B558A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{104639E9-8400-4310-BC61-C6F8103796C7}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9723904 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 200975557 B
Java, Flash, Steam htmlcache => 202485841 B
Windows/system/drivers => 4722022 B
Edge => 2808490 B
Chrome => 489076339 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 63142 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
matus => 189330264 B

RecycleBin => 0 B
EmptyTemp: => 1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:23:02 ====

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu logu zda se mi počitač pomalý

#8 Příspěvek od Diallix »

Ako je na tom pocitac ?
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Ondra1063
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 20 bře 2019 14:30

Re: Prosím o kontrolu logu zda se mi počitač pomalý

#9 Příspěvek od Ondra1063 »

Děkuji, už se zrychlil a jedou mi i stranky které mi nefungovali. Ještě jednou dik.

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu logu zda se mi počitač pomalý

#10 Příspěvek od Diallix »

Za malicko :]]
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Zamčeno