Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Po spuštění se načítají internetové stránky

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
cormack
Návštěvník
Návštěvník
Příspěvky: 74
Registrován: 02 kvě 2008 06:18

Po spuštění se načítají internetové stránky

#1 Příspěvek od cormack »

Dobrý den,
náhle mi po startu PC po přihlášení do Win 10 jakoby problikne příkazový řádek a pak se otevře Chrome s erotickou stránkou s azbukou.
Určitě mám nějakou škodnou v PC.
Proto Vás prosím o kontrolu logu.
Děkuji.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-05.2019 01
Ran by Zbyse (administrator) on ZBYSEK (15-05-2019 22:20:16)
Running from C:\Users\Zbyse\Desktop
Loaded Profiles: Zbyse (Available Profiles: Zbyse)
Platform: Windows 10 Home Version 1809 17763.503 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19041.481.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
() [File not signed] C:\Supgam\Coretemp\Core Temp.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(VIA Technologies Inc. -> VIA TECH) C:\Program Files (x86)\VIA\VIAudioi\EnvyADeck\EnMixCPL.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [EnvyHFCPL] => C:\Program Files (x86)\VIA\VIAudioi\EnvyADeck\EnMixCPL.exe [543352 2012-11-23] (VIA Technologies Inc. -> VIA TECH)
HKLM-x32\...\Run: [CLMLServer_For_P2G10] => C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe [110008 2015-07-13] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-2875399751-1358015588-351649890-1001\...\Run: [Zbyse] => cmd.exe /c start http://www.dinoraptzor.org
HKU\S-1-5-21-2875399751-1358015588-351649890-1001\...\MountPoints2: {85dd23d0-435a-11e9-af31-c86000168fe3} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2875399751-1358015588-351649890-1001\...\MountPoints2: {8b09c364-33c3-11e9-af30-c86000168fe3} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2875399751-1358015588-351649890-1001\...\MountPoints2: {da009285-51aa-11e9-af34-c86000168fe3} - "G:\Setup.exe"
HKLM\...\Drivers32: [vidc.x264] => x264vfw.dll
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-09-29] () [File not signed]
HKLM\...\Drivers32-x32: [vidc.x264] => x264vfw.dll
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\AC3ACM.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.157\Installer\chrmstp.exe [2019-05-14] (Google LLC -> Google Inc.)
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2019-04-14]
ShortcutTarget: Universal Media Server.lnk -> C:\Program Files (x86)\Universal Media Server\UMS.exe (No File)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {036324E5-0AB5-4B8D-ADA7-9EAD960B23BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {079E195A-AE4F-4A6C-8B5E-432FB177640B} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {07BF3723-915D-4175-8B14-430E4A228A34} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {0A8C5DF8-D479-4039-AF26-5970E2651020} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-11-26] (Google Inc -> Google Inc.)
Task: {12C9494F-9ED4-4E69-B115-06AB3B9D42B6} - System32\Tasks\S-1-5-21-2875399751-1358015588-351649890-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [134144 2019-03-03] (Microsoft Windows -> Microsoft Corporation)
Task: {206762CB-F79C-4EC4-8FF6-A7C2D79476B1} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2271BAA8-F5BB-4B7F-96E8-BB0724814C23} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1439368 2019-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {2D6BC355-78AF-4D58-B460-1107C61116D2} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3CF1D74A-8F20-47D0-B358-610D5A20E090} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26197088 2019-05-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {53041C29-0E5C-4D14-B967-4366F00EF1CA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1439368 2019-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {57BFA6B1-E556-46DE-A2F1-BBF1D7C48DEF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {729A8C68-5635-4185-A041-FD5A6E9559E1} - System32\Tasks\Zbyse => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Zbyse /t REG_SZ /d "cmd.exe /c start http://www.dinoraptzor.org"
Task: {77BA95A2-B8A5-462E-BBB4-0450543C6834} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {85B29CA8-CF05-42E2-8CB1-EE2EE077B06E} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [590704 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B99E4416-53E2-43C1-81BD-8BAE8B602459} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648048 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BA2F98B1-85D8-4BE6-89FB-D04E9740D933} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3728752 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C53F47E1-039F-466F-B29B-3717C43B69CB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112672 2019-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {C9B4CEF1-B27E-499B-8837-BDB7276CC3D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-11-26] (Google Inc -> Google Inc.)
Task: {D1917728-BB71-4E45-82F8-8F82CA485CAA} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849264 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D1FD787D-04B9-4495-B711-9E9D5761B990} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D30D2CAC-9412-413F-821C-F122EE47F634} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DEA16CD0-505B-4B6C-A2DB-2C700167B79E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {E3DA77BC-7683-48FF-98E4-4E05848B2E29} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26197088 2019-05-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {EA76DCC3-A288-48E4-8117-2815F79C3325} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849264 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EAD6F971-1C59-451A-9977-959D7EDE17F5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112672 2019-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {F52A5316-F6F8-4A53-A72A-322D671DEDC1} - System32\Tasks\Core Temp Autostart Zbyse => C:\Supgam\Coretemp\Core Temp.exe [848336 2012-01-25] () [File not signed]
Task: {F9C1EA93-3BE1-4514-B21B-CC84BC9588B9} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-zbysek1968@outlook.cz => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-2875399751-1358015588-351649890-1001] => Proxy is enabled.
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{22271460-578f-4a4f-be66-b52f01a0bfc0}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a300576b-445e-4aa4-908e-91d1fbd1944c}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 1ebn21zf.default-1543520244075
FF ProfilePath: C:\Users\Zbyse\AppData\Roaming\Mozilla\Firefox\Profiles\1ebn21zf.default-1543520244075 [2019-05-11]
FF Homepage: Mozilla\Firefox\Profiles\1ebn21zf.default-1543520244075 -> hxxps://www.seznam.cz/
FF Extension: (Vývojové sestavení Adblock Plus) - C:\Users\Zbyse\AppData\Roaming\Mozilla\Firefox\Profiles\1ebn21zf.default-1543520244075\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-12-09]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSearchKeyword: Default -> google.cz_
CHR Profile: C:\Users\Zbyse\AppData\Local\Google\Chrome\User Data\Default [2019-05-15]
CHR Extension: (Dokumenty) - C:\Users\Zbyse\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Zbyse\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Zbyse\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-26]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Zbyse\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Zbyse\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (LIVESCORE SOCCER) - C:\Users\Zbyse\AppData\Local\Google\Chrome\User Data\Default\Extensions\gibfflggfgeemmkaifokfjanokokcjfg [2017-04-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zbyse\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Zbyse\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\Zbyse\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-24]
CHR Extension: (Browse Faster) - C:\Users\Zbyse\AppData\Local\Google\Chrome\User Data\Default\Extensions\ponhjlldbpnmeieenmaacddmlfpdielh [2018-02-18]
CHR Profile: C:\Users\Zbyse\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-11-30]
CHR Profile: C:\Users\Zbyse\AppData\Local\Google\Chrome\User Data\Profile 2 [2018-09-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zbyse\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-19]
CHR Extension: (Chrome Media Router) - C:\Users\Zbyse\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-19]
CHR Profile: C:\Users\Zbyse\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-30]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11147264 2019-05-07] (Microsoft Corporation -> Microsoft Corporation)
S3 Futuremark SystemInfo Service; D:\Programy\3D Mark\info\FMSISvc.exe [342456 2019-04-24] (FUTUREMARK INC -> Futuremark)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2015-11-20] (Microsoft Corporation -> Microsoft Corporation)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2008-12-07] (Hewlett-Packard Company) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [974848 2019-02-16] (Microsoft Windows -> )
S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [288768 2019-03-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MsMpEng.exe [118144 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ALSysIO; C:\TEMP\ALSysIO64.sys [25064 2019-05-15] (CPUID -> Arthur Liberman)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 CLVirtualBus01; C:\WINDOWS\System32\drivers\CLVirtualBus01.sys [103176 2014-11-05] (CyberLink Corp. -> CyberLink)
R3 DE_USBAUDIO; C:\WINDOWS\system32\drivers\de_usbaudio.sys [154696 2018-01-25] (Microsoft Windows Hardware Compatibility Publisher -> D&M Holdings Inc.)
S3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [39048 2017-06-19] (Power Technology -> Windows (R) Win 7 DDK provider)
S3 e1cexpress; C:\WINDOWS\system32\DRIVERS\e1c65x64.sys [472016 2017-01-05] (Intel(R) INTELNPG1 -> Intel Corporation)
R3 Envy24HFS; C:\WINDOWS\system32\drivers\Envy24HF.sys [228368 2012-10-25] (VIA Technologies Inc. -> VIA - IC Ensemble, Inc.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS [26528 2017-01-05] (Martin Malik - REALiX -> REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_bfe69934a6b764ef\nvlddmkm.sys [21672560 2019-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-03-28] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 usbaudio2; C:\WINDOWS\system32\DRIVERS\usbaudio2.sys [235520 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-04-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344544 2019-04-23] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60896 2019-04-23] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz132; \??\C:\WINDOWS\TEMP\cpuz132\cpuz132_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-15 22:20 - 2019-05-15 22:20 - 000026016 ____C C:\Users\Zbyse\Desktop\FRST.txt
2019-05-15 21:56 - 2019-05-15 21:56 - 020814848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-05-15 21:56 - 2019-05-15 21:56 - 019022336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-05-15 21:56 - 2019-05-15 21:56 - 006072320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-05-15 21:56 - 2019-05-15 21:56 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-05-15 21:56 - 2019-05-15 21:56 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-05-15 21:56 - 2019-05-15 21:56 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-05-15 21:56 - 2019-05-15 21:56 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-05-15 21:56 - 2019-05-15 21:56 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-05-15 21:56 - 2019-05-15 21:56 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-05-15 21:56 - 2019-05-15 21:56 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-05-15 21:56 - 2019-05-15 21:56 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-05-15 21:56 - 2019-05-15 21:56 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-05-15 21:55 - 2019-05-15 21:56 - 003905536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 026807808 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 023438848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-05-15 21:55 - 2019-05-15 21:55 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 007879680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 007645384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 006542464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 006440960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 006309040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 005498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 004660736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-05-15 21:55 - 2019-05-15 21:55 - 003637248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-05-15 21:55 - 2019-05-15 21:55 - 003557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 003384832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 003363856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-05-15 21:55 - 2019-05-15 21:55 - 002780000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 002708480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-05-15 21:55 - 2019-05-15 21:55 - 002422272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-05-15 21:55 - 2019-05-15 21:55 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 001860096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 001760768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 001699496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-05-15 21:55 - 2019-05-15 21:55 - 001641616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 001470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-05-15 21:55 - 2019-05-15 21:55 - 001395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 001342608 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-05-15 21:55 - 2019-05-15 21:55 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 001290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 001253904 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-05-15 21:55 - 2019-05-15 21:55 - 001225728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-05-15 21:55 - 2019-05-15 21:55 - 001179680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-05-15 21:55 - 2019-05-15 21:55 - 001062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-05-15 21:55 - 2019-05-15 21:55 - 001048376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-05-15 21:55 - 2019-05-15 21:55 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000895792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000807464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-05-15 21:55 - 2019-05-15 21:55 - 000758896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-05-15 21:55 - 2019-05-15 21:55 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000660992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000586280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-05-15 21:55 - 2019-05-15 21:55 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-05-15 21:55 - 2019-05-15 21:55 - 000508432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-05-15 21:55 - 2019-05-15 21:55 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000449376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000444944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-05-15 21:55 - 2019-05-15 21:55 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000254952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-05-15 21:55 - 2019-05-15 21:55 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-05-15 21:55 - 2019-05-15 21:55 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-05-15 21:55 - 2019-05-15 21:55 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000212792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-05-15 21:55 - 2019-05-15 21:55 - 000203272 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000202768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-05-15 21:55 - 2019-05-15 21:55 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-05-15 21:55 - 2019-05-15 21:55 - 000198456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-05-15 21:55 - 2019-05-15 21:55 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-05-15 21:55 - 2019-05-15 21:55 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-05-15 21:55 - 2019-05-15 21:55 - 000179728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-05-15 21:55 - 2019-05-15 21:55 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000177976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-05-15 21:55 - 2019-05-15 21:55 - 000163240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-15 21:55 - 2019-05-15 21:55 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000147736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-05-15 21:55 - 2019-05-15 21:55 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000121656 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-05-15 21:55 - 2019-05-15 21:55 - 000090640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000080184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-05-15 21:55 - 2019-05-15 21:55 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-05-15 21:55 - 2019-05-15 21:55 - 000066688 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000055792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-05-15 21:55 - 2019-05-15 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-05-15 21:55 - 2019-05-15 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-05-15 21:55 - 2019-05-15 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-05-15 21:55 - 2019-05-15 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-05-15 21:55 - 2019-05-15 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-05-15 21:55 - 2019-05-15 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-05-15 21:55 - 2019-05-15 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-05-15 21:55 - 2019-05-15 21:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-05-14 19:57 - 2019-05-14 19:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-05-11 23:33 - 2019-05-07 21:56 - 011051912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-05-11 23:33 - 2019-05-07 21:56 - 009486536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-05-11 23:33 - 2019-05-07 21:56 - 001006800 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-05-11 23:33 - 2019-05-07 21:56 - 001006800 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-05-11 23:33 - 2019-05-07 21:56 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-05-11 23:33 - 2019-05-07 21:56 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-05-11 23:33 - 2019-05-07 21:56 - 000552328 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-05-11 23:33 - 2019-05-07 21:56 - 000457096 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-05-11 23:33 - 2019-05-07 21:56 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-05-11 23:33 - 2019-05-07 21:56 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-05-11 23:33 - 2019-05-07 21:56 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-05-11 23:33 - 2019-05-07 21:56 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-05-11 23:33 - 2019-05-07 21:55 - 002039688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-05-11 23:33 - 2019-05-07 21:55 - 001470856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-05-11 23:33 - 2019-05-07 21:55 - 001134016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-05-11 23:33 - 2019-05-07 21:55 - 000821152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-05-11 23:33 - 2019-05-07 21:55 - 000675416 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-05-11 23:33 - 2019-05-07 21:55 - 000631232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-05-11 23:33 - 2019-05-07 21:55 - 000541656 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-05-11 23:33 - 2019-05-07 21:55 - 000521472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-05-11 23:33 - 2019-05-07 21:54 - 040412760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-05-11 23:33 - 2019-05-07 21:54 - 035270232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-05-11 23:33 - 2019-05-07 21:54 - 020187904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-05-11 23:33 - 2019-05-07 21:54 - 017465512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-05-11 23:33 - 2019-05-07 21:54 - 005421960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-05-11 23:33 - 2019-05-07 21:54 - 004758728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-05-11 23:33 - 2019-05-07 21:54 - 001721600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443064.dll
2019-05-11 23:33 - 2019-05-07 21:54 - 001540488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-05-11 23:33 - 2019-05-07 21:54 - 001467648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443064.dll
2019-05-11 23:33 - 2019-05-07 21:54 - 001162448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-05-11 23:33 - 2019-05-07 21:54 - 000911616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-05-11 23:33 - 2019-05-07 21:54 - 000808840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-05-11 23:33 - 2019-05-07 21:54 - 000654080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-05-11 23:33 - 2019-05-07 21:51 - 004340120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-05-11 23:33 - 2019-05-06 07:35 - 000052319 _____ C:\WINDOWS\system32\nvinfo.pb
2019-05-04 19:06 - 2019-05-04 19:06 - 012844032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-05-04 19:06 - 2019-05-04 19:06 - 012140032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-05-04 19:06 - 2019-05-04 19:06 - 005436904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-05-04 19:06 - 2019-05-04 19:06 - 003551112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-05-04 19:06 - 2019-05-04 19:06 - 003406848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2019-05-04 19:06 - 2019-05-04 19:06 - 002393088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-05-04 19:06 - 2019-05-04 19:06 - 002205184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2019-05-04 19:06 - 2019-05-04 19:06 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2019-05-04 19:06 - 2019-05-04 19:06 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2019-05-04 19:06 - 2019-05-04 19:06 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-05-04 19:06 - 2019-05-04 19:06 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiag.exe
2019-05-04 19:06 - 2019-05-04 19:06 - 000263576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-05-04 19:06 - 2019-05-04 19:06 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-05-04 19:06 - 2019-05-04 19:06 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-05-04 19:06 - 2019-05-04 19:06 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-05-04 19:05 - 2019-05-04 19:05 - 005296640 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 005210904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 004997096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 003982848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 003426816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 002995712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 002701512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 002073960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 001994976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 001768960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 001674696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 001671352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 001653760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 001467552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 001382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 001219640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 001001472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000806600 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-05-04 19:05 - 2019-05-04 19:05 - 000806600 _____ C:\WINDOWS\system32\locale.nls
2019-05-04 19:05 - 2019-05-04 19:05 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000780632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000725696 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000676256 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000651576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-05-04 19:05 - 2019-05-04 19:05 - 000649064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000638376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000553656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000540720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000514632 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000454160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-05-04 19:05 - 2019-05-04 19:05 - 000451080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000421392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-05-04 19:05 - 2019-05-04 19:05 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
2019-05-04 19:05 - 2019-05-04 19:05 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-05-04 19:05 - 2019-05-04 19:05 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2019-05-04 19:05 - 2019-05-04 19:05 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000280592 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2019-05-04 19:05 - 2019-05-04 19:05 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2019-05-04 19:05 - 2019-05-04 19:05 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2019-05-04 19:05 - 2019-05-04 19:05 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000157200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000122680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2019-05-04 19:05 - 2019-05-04 19:05 - 000086960 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-05-04 19:05 - 2019-05-04 19:05 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2019-05-02 15:25 - 2019-05-02 15:25 - 000000000 ____D C:\Users\Zbyse\AppData\Roaming\NVIDIA
2019-05-02 13:34 - 2019-05-02 13:34 - 000000933 _____ C:\Users\Public\Desktop\3DMark03.lnk
2019-05-01 22:31 - 2019-05-01 22:31 - 000000000 ____D C:\Program Files (x86)\Futuremark
2019-05-01 21:55 - 2019-05-14 19:57 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-05-01 21:55 - 2019-05-14 19:57 - 000002530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-05-01 21:55 - 2019-05-14 19:57 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-05-01 21:55 - 2019-05-14 19:57 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-05-01 21:55 - 2019-05-14 19:57 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-05-01 21:55 - 2019-05-14 19:57 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-05-01 21:36 - 2019-05-01 21:36 - 000000877 _____ C:\Users\Public\Desktop\3DMark Vantage.lnk
2019-05-01 21:35 - 2019-05-01 21:35 - 000000000 ____D C:\WINDOWS\SysWOW64\AGEIA
2019-05-01 21:35 - 2019-05-01 21:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AGEIA
2019-05-01 21:35 - 2019-05-01 21:35 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies
2019-05-01 21:33 - 2019-05-02 21:07 - 000001015 _____ C:\Users\Public\Desktop\3DMark 11.lnk
2019-05-01 21:33 - 2019-05-01 21:33 - 000000933 _____ C:\Users\Public\Desktop\3DMark06.lnk
2019-05-01 21:31 - 1999-11-02 10:01 - 000006173 ____N C:\WINDOWS\SysWOW64\Entech.vxd
2019-05-01 21:30 - 2001-11-16 15:23 - 000009474 _____ C:\WINDOWS\SysWOW64\Drivers\PciBus.vxd
2019-05-01 21:16 - 2019-05-06 04:43 - 005432176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-05-01 21:16 - 2019-05-06 04:43 - 002637808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-05-01 21:16 - 2019-05-06 04:43 - 001767736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-05-01 21:16 - 2019-05-06 04:43 - 000651248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-05-01 21:16 - 2019-05-06 04:43 - 000450416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-05-01 21:16 - 2019-05-06 04:43 - 000125424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-05-01 21:16 - 2019-05-06 04:43 - 000082984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-05-01 21:16 - 2019-04-25 21:45 - 008571382 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-05-01 21:15 - 2019-03-07 08:03 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2019-05-01 21:14 - 2019-05-01 21:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2019-05-01 21:10 - 2019-05-07 21:51 - 005085152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-05-01 21:10 - 2019-04-18 19:02 - 001722064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443039.dll
2019-05-01 21:10 - 2019-04-18 19:02 - 001467648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443039.dll
2019-04-25 16:55 - 2019-04-27 21:32 - 000000222 ____C C:\Users\Zbyse\Desktop\Farming Simulator 17.url
2019-04-25 16:49 - 2019-04-25 16:49 - 000003528 _____ C:\WINDOWS\System32\Tasks\Zbyse
2019-04-16 18:28 - 2019-04-16 18:28 - 007025360 ____C (Malwarebytes) C:\Users\Zbyse\Desktop\adwcleaner_7.3.exe
2019-04-16 18:17 - 2019-04-16 18:17 - 000001165 _____ C:\Users\Public\Desktop\LibreOffice 6.2.lnk
2019-04-16 18:17 - 2019-04-16 18:17 - 000000000 ____D C:\Users\Zbyse\AppData\Roaming\LibreOffice
2019-04-16 18:17 - 2019-04-16 18:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.2
2019-04-16 18:16 - 2019-04-16 18:16 - 000000000 ____D C:\Program Files\LibreOffice

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-15 22:20 - 2019-02-11 19:26 - 000000000 ____D C:\FRST
2019-05-15 22:20 - 2018-03-28 21:09 - 000000000 ____D C:\TEMP
2019-05-15 22:19 - 2016-11-26 21:05 - 000000000 ___DC C:\Users\Zbyse\AppData\Roaming\foobar2000
2019-05-15 22:14 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-15 22:09 - 2019-02-16 16:22 - 001693636 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-15 22:09 - 2018-09-15 19:32 - 000716776 _____ C:\WINDOWS\system32\perfh005.dat
2019-05-15 22:09 - 2018-09-15 19:32 - 000144856 _____ C:\WINDOWS\system32\perfc005.dat
2019-05-15 22:09 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-05-15 22:05 - 2019-02-11 19:26 - 002434560 _____ (Farbar) C:\Users\Zbyse\Desktop\FRST64.exe
2019-05-15 22:05 - 2017-04-06 18:42 - 000000000 ____D C:\ProgramData\NVIDIA
2019-05-15 22:03 - 2019-02-16 16:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-15 22:03 - 2018-09-15 08:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-05-15 22:00 - 2019-02-16 16:09 - 000646512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-05-15 21:59 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-15 21:59 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-05-15 21:58 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-15 21:55 - 2015-10-30 10:13 - 000408530 __RSH C:\bootmgr
2019-05-15 19:14 - 2019-02-16 16:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-15 18:19 - 2019-03-27 23:13 - 000003472 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-15 18:19 - 2019-03-27 23:13 - 000003348 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-15 17:40 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-15 17:40 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-15 17:37 - 2019-02-16 16:23 - 000003696 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-zbysek1968@outlook.cz
2019-05-15 00:05 - 2018-09-15 09:36 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-15 00:05 - 2018-09-15 09:36 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-15 00:05 - 2016-11-26 20:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-05-15 00:03 - 2016-11-26 20:39 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-14 23:49 - 2017-06-29 18:29 - 000000000 ___DC C:\Users\Zbyse\AppData\Roaming\uTorrent
2019-05-14 23:19 - 2016-11-26 20:16 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-14 19:57 - 2016-12-08 23:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-05-14 19:41 - 2016-12-06 19:02 - 000000000 ____D C:\Program Files (x86)\Steam
2019-05-12 10:26 - 2019-02-16 16:23 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2875399751-1358015588-351649890-1001
2019-05-12 10:26 - 2019-02-16 16:14 - 000002361 ____C C:\Users\Zbyse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-12 10:26 - 2016-11-26 20:10 - 000000000 ___RD C:\Users\Zbyse\OneDrive
2019-05-11 23:18 - 2017-06-30 15:08 - 000000000 ___DC C:\Users\Zbyse\AppData\Roaming\AIMP
2019-05-11 20:26 - 2018-02-04 17:04 - 000000000 ___DC C:\Users\Zbyse\AppData\LocalLow\Mozilla
2019-05-06 17:01 - 2019-03-29 19:50 - 000000000 ____D C:\Users\Zbyse\AppData\Roaming\.minecraft
2019-05-05 03:47 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\TextInput
2019-05-05 03:47 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-05-03 17:48 - 2018-02-13 21:56 - 000000000 ___DC C:\Users\Zbyse\Documents\AquaMark3
2019-05-02 23:24 - 2018-11-22 22:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2019-05-02 22:39 - 2017-05-17 21:11 - 000000000 ___DC C:\Users\Zbyse\Documents\Euro Truck Simulator 2
2019-05-02 21:07 - 2016-12-28 22:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
2019-05-02 21:07 - 2016-11-26 20:22 - 000000000 ____D C:\ProgramData\Package Cache
2019-05-02 17:14 - 2016-11-26 20:33 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-05-01 22:40 - 2017-06-08 21:18 - 000000000 ___DC C:\Users\Zbyse\Documents\3DMark 11
2019-05-01 22:30 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-05-01 22:27 - 2019-02-16 16:14 - 000000000 ____D C:\Users\Zbyse
2019-05-01 21:16 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\Help
2019-05-01 21:16 - 2017-04-06 18:42 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-05-01 21:15 - 2017-04-06 18:42 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-05-01 21:15 - 2017-04-06 18:42 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-04-23 22:42 - 2018-03-28 21:08 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-04-23 15:41 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\NDF

==================== Files in the root of some directories =======

2018-05-11 18:02 - 2018-05-11 18:02 - 000000171 ____C () C:\Users\Zbyse\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
2018-05-11 18:02 - 2018-05-11 18:02 - 000000304 ____C () C:\Users\Zbyse\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
2017-04-01 22:36 - 2017-04-01 22:36 - 000000132 ____C () C:\Users\Zbyse\AppData\Roaming\Adobe Formát AIFF CS6 – předvolby
2018-05-11 18:02 - 2018-05-11 18:02 - 000000175 ____C () C:\Users\Zbyse\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388
2018-03-14 00:31 - 2018-03-14 00:40 - 000015814 ____C () C:\Users\Zbyse\AppData\Roaming\log_031318_233106.txt
2018-03-16 01:53 - 2018-03-16 01:58 - 000007812 ____C () C:\Users\Zbyse\AppData\Roaming\log_031618_005340.txt
2017-10-12 18:52 - 2017-10-12 18:52 - 000000080 ____C () C:\Users\Zbyse\AppData\Roaming\log_101217_185219.txt
2017-10-12 18:52 - 2017-10-12 18:52 - 000000080 ____C () C:\Users\Zbyse\AppData\Roaming\log_101217_185230.txt
2017-10-12 18:53 - 2017-10-12 19:32 - 000036912 ____C () C:\Users\Zbyse\AppData\Roaming\log_101217_185304.txt
2017-10-12 20:54 - 2017-10-12 21:28 - 000035652 ____C () C:\Users\Zbyse\AppData\Roaming\log_101217_205402.txt
2017-11-21 22:40 - 2017-11-21 22:42 - 000003314 ____C () C:\Users\Zbyse\AppData\Roaming\log_112117_214050.txt
2016-11-26 20:48 - 2019-02-05 17:40 - 000000600 ____C () C:\Users\Zbyse\AppData\Roaming\winscp.rnd
2018-04-26 23:23 - 2019-04-29 23:13 - 000054272 ____C () C:\Users\Zbyse\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-12-15 18:58 - 2018-11-09 17:39 - 000003523 ____C () C:\Users\Zbyse\AppData\Local\FSDownloader.err
2016-12-15 18:57 - 2018-11-09 17:39 - 000001168 ____C () C:\Users\Zbyse\AppData\Local\FSDownloader.nast
2017-05-27 22:15 - 2017-05-27 22:15 - 000140800 ____C () C:\Users\Zbyse\AppData\Local\installer.dat
2018-09-28 18:30 - 2018-09-28 18:30 - 000000000 ____C () C:\Users\Zbyse\AppData\Local\oobelibMkey.log
2017-01-03 18:01 - 2018-10-15 10:16 - 000007656 ____C () C:\Users\Zbyse\AppData\Local\resmon.resmoncfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05.2019 01
Ran by Zbyse (15-05-2019 22:20:58)
Running from C:\Users\Zbyse\Desktop
Windows 10 Home Version 1809 17763.503 (X64) (2019-02-16 14:24:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2875399751-1358015588-351649890-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2875399751-1358015588-351649890-503 - Limited - Disabled)
Guest (S-1-5-21-2875399751-1358015588-351649890-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2875399751-1358015588-351649890-504 - Limited - Disabled)
Zbyse (S-1-5-21-2875399751-1358015588-351649890-1001 - Administrator - Enabled) => C:\Users\Zbyse

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark 11 (HKLM\...\{FD67BFA0-E205-47AA-BA09-123B3B72DB5E}) (Version: 1.0.132.0 - Futuremark) Hidden
3DMark 11 (HKLM-x32\...\{f9e83b9c-ab7e-4005-8f32-4ea69703a5e4}) (Version: 1.0.132.0 - Futuremark)
3DMark Vantage (HKLM-x32\...\{C40C3C3D-97CF-44B5-836C-766E374464B3}) (Version: 1.0.1.1 - Futuremark Corporation)
3DMark03 (HKLM-x32\...\{FF35F637-72B9-43BE-A281-06EB2854393A}) (Version: 3.6.2 - Futuremark Corporation)
3DMark06 (HKLM-x32\...\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}) (Version: 1.0.2 - Futuremark)
AC-3 ACM Codec 2.2 (HKLM-x32\...\AC3ACM) (Version: 2.2 - fccHandler)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2017 (HKLM-x32\...\DRWV_17_0_0) (Version: 17.0.0 - Adobe Systems Incorporated)
AGEIA PhysX v7.09.13 (HKLM-x32\...\{45235788-142C-44BE-8A4D-DDE9A84492E5}) (Version: 7.09.13 - AGEIA Technologies, Inc.)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2084, 01.12.2018 - AIMP DevTeam)
Aktualizace NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden
Altap Salamander 3.0 (x64) (HKLM\...\Altap Salamander 3.0 (x64)) (Version: 3.0 - ALTAP)
Aperio ImageScope (HKLM-x32\...\{A5856584-F090-4FD3-BA95-34E6D85546B1}) (Version: 9.01 - )
AquaMark3 (HKLM-x32\...\AquaMark3) (Version: - )
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.23.0 - Asmedia Technology)
Aurora (HKLM-x32\...\{396a1805-d31e-419f-839d-7f041740f826}) (Version: 1.0.1.682 - Macphun)
Aurora (HKLM-x32\...\{57F1980E-883E-449D-BDAE-C9F0A35E2C5C}) (Version: 1.0.1.682 - Macphun) Hidden
AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - GPL Public release.)
Balíček ovladače systému Windows - Microsoft USBDevice (02/19/2016 1.0.0.0) (HKLM\...\01D4AA89568B59E5941907D403E3B682EE413AB7) (Version: 02/19/2016 1.0.0.0 - Microsoft)
BenVista PhotoZoom Pro 7.1 (HKU\S-1-5-21-2875399751-1358015588-351649890-1001\...\PhotoZoom Pro 7) (Version: 7.1 - BenVista Ltd.)
Black Mesa verze 0.2.1 (HKLM-x32\...\Black Mesa_is1) (Version: 0.2.1 - Tomi2k9)
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
CrystalDiskMark 5.2.0 (HKLM\...\CrystalDiskMark5_is1) (Version: 5.2.0 - Crystal Dew World)
CyberLink Power2Go 10 (HKLM-x32\...\{7E2D87F3-F3BC-4fa5-9F72-BF021ED66CB3}) (Version: 10.0.1913.0 - CyberLink Corp.)
DSD Transcoder ASIO Driver (HKLM-x32\...\DSDTranscoder) (Version: 1.0.6 - Maxim V.Anisiutkin)
DVDFab (x64) 10.0.9.0 (20/04/2018) (HKLM-x32\...\DVDFab 10(x64)) (Version: 10.0.9.0 - Fengtao Software Inc.)
Easy CD-DA Extractor 16 (HKLM-x32\...\Easy CD-DA Extractor 16) (Version: 16.0.9 - Poikosoft)
Emergency Download Driver (HKLM-x32\...\{3F0F5AB4-C9CE-4226-8393-E9CFF8369D9D}) (Version: 1.1.16.1526 - Microsoft)
Far Cry 5 (HKLM-x32\...\Far Cry 5_is1) (Version: - )
Far Cry Primal (HKLM-x32\...\{80BD47AF-CF13-49B2-99BF-7E78FBA26124}_is1) (Version: - Ubisoft)
Farming Simulator 19 v.1.1.0.0 (HKLM-x32\...\Farming Simulator 19_is1) (Version: - )
ffdshow v1.3.4533 [2014-09-29] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4533.0 - )
FFU Loader Driver 1.0.0 (HKLM-x32\...\{7209d085-ed88-4a08-beb2-c49db2b9e838}) (Version: 1.0.0 - Microsoft)
FFU Loader Driver 1.0.0 (HKLM-x32\...\{CA839C49-B3D1-4EA6-BB8A-21937B808771}) (Version: 1.0.0 - Microsoft) Hidden
foobar2000 v1.3.14 (HKLM-x32\...\foobar2000) (Version: 1.3.14 - Peter Pawlowski)
Futuremark SystemInfo (HKLM-x32\...\{1599A1EF-B5C6-4553-8E04-3B02E6C9E958}) (Version: 5.17.704.0 - Futuremark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.157 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Half.Life.2.Prospekt.REPACK-KaOs Uninstaller v3.0 (HKLM-x32\...\Half.Life.2.Prospekt.REPACK-KaOs_is1) (Version: 3.0 - KaOsKrew)
Helicon Focus (HKLM\...\Helicon Focus 7_is1) (Version: - Helicon Soft Ltd.)
Chess Ultra (HKLM-x32\...\Chess Ultra_is1) (Version: - )
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
Jurassic World Evolution (HKLM-x32\...\Jurassic World Evolution_is1) (Version: - )
Just Cause 4 (HKLM-x32\...\{D1F33AFE-757B-4A27-9F96-D507177C3E40}_is1) (Version: - Avalanche Studios)
LibreOffice 6.2.2.2 (HKLM\...\{7B486711-D8E3-41F4-A518-D709CD62C3D1}) (Version: 6.2.2.2 - The Document Foundation)
LightScribe Applications (HKLM-x32\...\{16F5ADDD-6EFD-411A-9013-8DD2C629FE53}) (Version: 1.18.27.10 - LightScribe)
LightScribe System Software 1.17.90.1 (HKLM-x32\...\{CB16F6D9-EBC9-4BC6-B917-7AF53E99C067}) (Version: 1.17.90.1 - LightScribe)
MadOnion.com/3DMark2001 SE (HKLM-x32\...\{91B323B5-A79C-4D23-BD6D-046C565F9BCF}) (Version: - )
MediaInfo 0.7.95 (HKLM\...\MediaInfo) (Version: 0.7.95 - MediaArea.net)
Microsoft Office Professional 2019 - cs-cz (HKLM\...\Professional2019Retail - cs-cz) (Version: 16.0.11601.20178 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2875399751-1358015588-351649890-1001\...\OneDriveSetup.exe) (Version: 19.062.0331.0006 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MKVToolNix 33.1.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 33.1.0 - Moritz Bunkus)
Mozilla Firefox 65.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 65.0.2 (x64 cs)) (Version: 65.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.1 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.18.0.102 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.102 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 430.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 430.64 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11601.20178 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11601.20178 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11601.20178 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11601.20178 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ovládací panel NVIDIA 430.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 430.64 - NVIDIA Corporation) Hidden
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.40 - VIA Technologies, Inc.) Hidden
RarmaRadio 2.71.6 (HKLM-x32\...\RarmaRadio_is1) (Version: - RaimerSoft)
Serious Sam 2 verze 2.070 (HKLM-x32\...\{C5E4298B-3581-4AAD-9FAF-2FE76C07EFC8}_is1) (Version: 2.070 - Croteam)
Serious Sam 3 (HKLM-x32\...\Serious Sam 3_is1) (Version: 249955 - Croteam)
Signalyst HQPlayer Desktop 3 (HKLM-x32\...\HQPlayer Desktop 3) (Version: - Signalyst)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Subnautica (HKLM-x32\...\Subnautica_is1) (Version: - )
Ulož.to FileManager verze 2.71 (HKLM-x32\...\{7DE5EA5D-C933-4549-9A44-5BC671F23BBF}_is1) (Version: 2.71 - Uloz.to cloud a.s.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
USB Audio (HKLM\...\{AB08F6D7-B0F6-446B-91AC-35550ED76C57}) (Version: 2.0.3.0 - Denon)
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.40 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Will Rock (HKLM-x32\...\{58DB5417-E1FF-4EF6-A93C-592D35F01E84}) (Version: 1.0 - )
Windows IP Over USB (HKLM-x32\...\{FF0EA481-42DB-A8AE-8356-48C09F7D953D}) (Version: 10.1.10586.15 - Microsoft Corporation)
Windows Phone IP Over USB (HKLM-x32\...\{E7C8E5D3-9EDC-4430-8AEF-FD590937F55F}) (Version: 10.0.10240.0 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinSCP 5.13.4 (HKLM-x32\...\winscp3_is1) (Version: 5.13.4 - Martin Prikryl)
WinUsb CoInstallers (HKLM-x32\...\{9755918A-CDF8-4F1E-8453-6359CF1A330A}) (Version: 1.1.12.1526 - Microsoft)
WinUSB Compatible ID Drivers (HKLM-x32\...\{A4A0B236-6046-4CAB-8177-1EAF61112C75}) (Version: 1.1.11.1526 - Microsoft)
WinUSB Drivers ext (HKLM-x32\...\{29BAAF65-09E5-4F52-8D15-2FAF2E23A8DC}) (Version: 1.1.24.1544 - Microsoft)

Packages:
=========
AnTuTu Benchmark v6 -> C:\Program Files\WindowsApps\EB66D994.57668EA599D71_6.0.5.0_x64__23tp29cghkfnw [2017-01-14] (北京安兔兔科技有限公司)
Cinebench -> C:\Program Files\WindowsApps\MAXONComputerGmbH.Cinebench_20.0.4.0_x64__rsne5bsk8s7tj [2019-03-11] (MAXON Computer GmbH)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-13] (Microsoft Corporation)
EdgeDevtoolsPlugin -> C:\Windows\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2019-02-16] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2875399751-1358015588-351649890-1001_Classes\CLSID\{869C14C8-1830-491F-B575-5F9AB40D2B42}\InprocServer32 -> C:\Program Files\MediaInfo\MediaInfo_InfoTip.dll (MediaArea.net -> MediaArea.net)
CustomCLSID: HKU\S-1-5-21-2875399751-1358015588-351649890-1001_Classes\CLSID\{C78B6146-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Program Files\Altap Salamander\utils\salextx64.dll (ALTAP) [File not signed]
CustomCLSID: HKU\S-1-5-21-2875399751-1358015588-351649890-1001_Classes\CLSID\{C78B614C-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Supgam\Altap Salamander 3.06 (x86 x64) 2015 CZ (Ml) Portable\utils\salextx64.dll (ALTAP) [File not signed]
CustomCLSID: HKU\S-1-5-21-2875399751-1358015588-351649890-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-12-03] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [CLVDShellExt10] -> {4682CEF2-C2F9-457B-83E0-3D6EBA418565} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt10.dll [2015-07-14] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [EzCddax] -> {31415D58-4750-4413-A95B-83D151F50040} => C:\Program Files\Easy CD-DA Extractor 16\ezcddax64.dll [2012-01-24] (Poikosoft -> Poikosoft)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt10] -> {4682CEF2-C2F9-457B-83E0-3D6EBA418565} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt10.dll [2015-07-14] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-12-03] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers4: [EzCddax] -> {31415D58-4750-4413-A95B-83D151F50040} => C:\Program Files\Easy CD-DA Extractor 16\ezcddax64.dll [2012-01-24] (Poikosoft -> Poikosoft)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-05-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-11-26 20:43 - 2012-01-25 14:59 - 000848336 _____ () [File not signed] C:\Supgam\Coretemp\Core Temp.exe
2016-12-13 18:44 - 2014-03-31 13:14 - 000013312 _____ (ALTAP) [File not signed] C:\Program Files\Altap Salamander\utils\salextx64.dll
2016-12-13 18:50 - 2015-02-27 13:41 - 000013312 _____ (ALTAP) [File not signed] C:\Supgam\Altap Salamander 3.06 (x86 x64) 2015 CZ (Ml) Portable\utils\salextx64.dll
2008-12-07 00:28 - 2008-12-07 00:28 - 000033280 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Common Files\LightScribe\LSLog.dll
2008-12-07 00:28 - 2008-12-07 00:28 - 000110592 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll
2008-12-07 00:28 - 2008-12-07 00:28 - 000073728 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
2015-11-19 22:03 - 2015-11-19 22:03 - 000247808 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2018-03-28 22:18 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2875399751-1358015588-351649890-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Zbyse\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "Universal Media Server.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "OODefragTray"
HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-2875399751-1358015588-351649890-1001\...\StartupApproved\StartupFolder: => "ahmedatef.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe (Microsoft Windows -> )
FirewallRules: [UDP Query User{550EA559-3917-40D1-A68F-F4373C927273}D:\games\subnauticazero\subnauticazero.exe] => (Allow) D:\games\subnauticazero\subnauticazero.exe () [File not signed]
FirewallRules: [TCP Query User{7F24439C-75BB-4819-A5C1-77502663CC70}D:\games\subnauticazero\subnauticazero.exe] => (Allow) D:\games\subnauticazero\subnauticazero.exe () [File not signed]
FirewallRules: [UDP Query User{CD1EDCA1-DED7-4575-8231-8DA57AE5E90D}D:\hry\hl2 umc-2014\steamapps\engine_218_2010\hl2.exe] => (Allow) D:\hry\hl2 umc-2014\steamapps\engine_218_2010\hl2.exe () [File not signed]
FirewallRules: [TCP Query User{D0658DA3-A34D-424B-B9CA-0818617D3405}D:\hry\hl2 umc-2014\steamapps\engine_218_2010\hl2.exe] => (Allow) D:\hry\hl2 umc-2014\steamapps\engine_218_2010\hl2.exe () [File not signed]
FirewallRules: [UDP Query User{CB400FD0-ED85-443B-99AA-8FCF8156B7D5}D:\hry\hl2 umc-2014\steamapps\engine_215_2009\hl2.exe] => (Allow) D:\hry\hl2 umc-2014\steamapps\engine_215_2009\hl2.exe () [File not signed]
FirewallRules: [TCP Query User{F1A4FB1C-2A18-4DF4-8BD2-12D7068BB899}D:\hry\hl2 umc-2014\steamapps\engine_215_2009\hl2.exe] => (Allow) D:\hry\hl2 umc-2014\steamapps\engine_215_2009\hl2.exe () [File not signed]
FirewallRules: [UDP Query User{D490C34A-DC79-4EDC-9781-F79C60DB6CE8}C:\program files\signalyst\hqplayer desktop 3\hqplayer-desktop.exe] => (Allow) C:\program files\signalyst\hqplayer desktop 3\hqplayer-desktop.exe (Signalyst -> )
FirewallRules: [TCP Query User{43AEFBB9-31E4-419F-86D6-F01F529EED5F}C:\program files\signalyst\hqplayer desktop 3\hqplayer-desktop.exe] => (Allow) C:\program files\signalyst\hqplayer desktop 3\hqplayer-desktop.exe (Signalyst -> )
FirewallRules: [{F7B47109-6750-4793-9BCB-5C26A8B10E91}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B90F4A10-2C46-4894-811E-4CAD9E244D3C}D:\hry\serious sam 3\steamapps\common\serious sam 3\bin\sam3.exe] => (Allow) D:\hry\serious sam 3\steamapps\common\serious sam 3\bin\sam3.exe (GHI Media LLC -> Croteam) [File not signed]
FirewallRules: [TCP Query User{2E8FF68B-1EDF-43F5-BDC6-CAE679F4EE48}D:\hry\serious sam 3\steamapps\common\serious sam 3\bin\sam3.exe] => (Allow) D:\hry\serious sam 3\steamapps\common\serious sam 3\bin\sam3.exe (GHI Media LLC -> Croteam) [File not signed]
FirewallRules: [{D4E13A86-374C-4242-893F-7AB96207B76D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B5F6EF0A-9E85-4EFB-A1B8-0C34AB7A915A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{92C3B664-8F36-4AD0-B861-C122479C1126}] => (Allow) D:\Programy\Steam\steamapps\common\Just Cause 2\JustCause2.exe (Valve Corp. -> Avalanche Studios)
FirewallRules: [{D5FBD69D-C4E3-4E8B-A521-4FDDA5E334C9}] => (Allow) D:\Programy\Steam\steamapps\common\Just Cause 2\JustCause2.exe (Valve Corp. -> Avalanche Studios)
FirewallRules: [{79911ABD-54BD-4782-93E8-B9958E6661C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{524C1475-1AA6-4C74-A327-CEC89F1E0867}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{30C14A58-C986-4C67-BDE0-FF809140D19F}C:\program files\dvdfab 10\dvdfab64.exe] => (Allow) C:\program files\dvdfab 10\dvdfab64.exe (Fengtao Software Inc. -> FengTao Software Inc.)
FirewallRules: [TCP Query User{1553784E-F293-43B1-8E46-77F0B952E914}C:\program files\dvdfab 10\dvdfab64.exe] => (Allow) C:\program files\dvdfab 10\dvdfab64.exe (Fengtao Software Inc. -> FengTao Software Inc.)
FirewallRules: [UDP Query User{ECD26B94-D4DF-465F-9DCF-C73754CB1430}C:\program files (x86)\rarmaradio\rarmaradio.exe] => (Allow) C:\program files (x86)\rarmaradio\rarmaradio.exe (Raimersoft) [File not signed]
FirewallRules: [TCP Query User{DF79153D-6F9B-4783-A246-6C8E3093E61A}C:\program files (x86)\rarmaradio\rarmaradio.exe] => (Allow) C:\program files (x86)\rarmaradio\rarmaradio.exe (Raimersoft) [File not signed]
FirewallRules: [{96884CDB-47BE-455D-ADBE-9331FC149D87}] => (Allow) D:\Programy\Steam\steamapps\common\Just Cause 3\JustCause3.exe () [File not signed]
FirewallRules: [{A6139397-CB40-429D-AA92-38B13E3607D5}] => (Allow) D:\Programy\Steam\steamapps\common\Just Cause 3\JustCause3.exe () [File not signed]
FirewallRules: [UDP Query User{DD3DFF6F-2CBB-407D-B4D2-83FA5780A349}D:\programy\ioquake3&ta\ioquake3.x86.exe] => (Allow) D:\programy\ioquake3&ta\ioquake3.x86.exe () [File not signed]
FirewallRules: [TCP Query User{4DD73704-9EA9-4F68-BC3A-FB2850FD7646}D:\programy\ioquake3&ta\ioquake3.x86.exe] => (Allow) D:\programy\ioquake3&ta\ioquake3.x86.exe () [File not signed]
FirewallRules: [{CA6BAA19-1814-47A0-A0FB-8F79A673FB34}] => (Allow) C:\Users\Zbyse\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{5ACBA4FB-8747-425F-B98A-F3FA4912D735}] => (Allow) C:\Users\Zbyse\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{98227891-53FB-4C11-967B-5E145C051395}] => (Allow) C:\users\zbyse\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{4FC24BDB-DA80-4146-A34A-C46E5ADA841D}] => (Allow) C:\users\zbyse\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{96200E0D-732E-47C4-BD26-6D88B452C97C}C:\users\zbyse\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\zbyse\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{795AB50D-7701-4DA2-A493-AFD7207C6FAF}C:\users\zbyse\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\zbyse\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{68DA5C68-DEB7-46F4-99CC-636E126087F5}D:\hry\far cry primal\bin\fcprimal.exe] => (Allow) D:\hry\far cry primal\bin\fcprimal.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{C9260197-8D6B-4BE4-84C8-DAD7FC228454}D:\hry\far cry primal\bin\fcprimal.exe] => (Allow) D:\hry\far cry primal\bin\fcprimal.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{440876A6-2557-4A35-A5C1-16AFC8AF3B99}] => (Allow) D:\Programy\Steam\steamapps\common\IL 2 Sturmovik 1946\il2fb.exe () [File not signed]
FirewallRules: [{5498C9DC-48DB-46B9-970A-3BC9B4874243}] => (Allow) D:\Programy\Steam\steamapps\common\IL 2 Sturmovik 1946\il2fb.exe () [File not signed]
FirewallRules: [{182045B1-949F-45CA-A0F3-1E22A08A01D5}] => (Allow) D:\Programy\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe (QLOC S.A. -> Bethesda Softworks)
FirewallRules: [{08012CB5-BCF5-44E2-90BB-0EBAEC5731C6}] => (Allow) D:\Programy\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe (QLOC S.A. -> Bethesda Softworks)
FirewallRules: [{08339AC4-9D35-407C-99F0-01ACBC808DF7}] => (Allow) D:\Programy\Steam\steamapps\common\Doom 3\Doom3.exe (id Software) [File not signed]
FirewallRules: [{7E77C551-BEF5-45F4-B7D8-C6929B728703}] => (Allow) D:\Programy\Steam\steamapps\common\Doom 3\Doom3.exe (id Software) [File not signed]
FirewallRules: [{84F92791-7DC3-4CB3-AC22-D53E86076F1C}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{15D38564-3182-42A5-88A6-F5AD786DD424}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{8C957F18-3011-4599-A607-A799FF1DA23B}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{65D09A16-44DC-4B80-B7DC-19C8B86287B2}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{E8F3B9E3-38D4-4248-9001-18D0B5F460D0}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{A0BDFADE-F5A9-4C29-8D7D-1284D342E2F9}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{928616B1-637D-4716-8E89-2CD18C140BEE}] => (Allow) C:\WINDOWS\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{DCCD96AF-007F-4561-91A0-9C0C4B6C550D}C:\program files (x86)\foobar2000\foobar2000.exe] => (Allow) C:\program files (x86)\foobar2000\foobar2000.exe (Piotr Pawlowski) [File not signed]
FirewallRules: [TCP Query User{64DED886-8AB1-4830-AAC5-8467A8398C2E}C:\program files (x86)\foobar2000\foobar2000.exe] => (Allow) C:\program files (x86)\foobar2000\foobar2000.exe (Piotr Pawlowski) [File not signed]
FirewallRules: [{A9B77D98-D068-415A-8B05-765533A49A3D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6973C9C0-1170-4218-9D52-7808D7812986}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6381FEFC-1F40-4F01-9B73-6670150D0121}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4C88961B-0B13-48DD-8BA1-603456AD35F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{42B1DB2B-7DDF-42B5-919B-391D11C12089}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0973985C-165E-4FEF-AA70-DC27032424A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{D6C48BE8-AE7A-43DA-AA18-71B8C222F8E2}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{A2C0553A-0DFC-4AF9-9401-A02F796F3F01}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{B8FD429C-3213-493B-AE9D-9F2139F4FBC1}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe (Adobe Systems Incorporated -> Joyent, Inc)
FirewallRules: [UDP Query User{1A8A2734-E7D6-4626-B0AE-5D557E8F338C}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe (Adobe Systems Incorporated -> Joyent, Inc)
FirewallRules: [TCP Query User{45D3FB68-FAD4-4286-8FFE-AF272195E4CD}D:\games\subnautica\subnautica.exe] => (Allow) D:\games\subnautica\subnautica.exe () [File not signed]
FirewallRules: [UDP Query User{99522F0D-7992-4E01-9B03-913C9305BF4A}D:\games\subnautica\subnautica.exe] => (Allow) D:\games\subnautica\subnautica.exe () [File not signed]
FirewallRules: [{364CEDB1-CAE3-44A4-B6E7-3E7434451658}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BB8A3D20-5818-40F7-B8CE-B26A4DF298AA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{473DAE74-DB9D-475A-B136-9BDD396229CA}C:\users\zbyse\appdata\local\roon\application\roon.exe] => (Allow) C:\users\zbyse\appdata\local\roon\application\roon.exe No File
FirewallRules: [UDP Query User{A40FA3D3-3583-4E0E-B8CB-5485E7D521E9}C:\users\zbyse\appdata\local\roon\application\roon.exe] => (Allow) C:\users\zbyse\appdata\local\roon\application\roon.exe No File
FirewallRules: [TCP Query User{6FCBD0BA-27E6-4602-9A17-C9B8E8C5CFAF}C:\users\zbyse\appdata\local\roon\application\raatserver.exe] => (Allow) C:\users\zbyse\appdata\local\roon\application\raatserver.exe No File
FirewallRules: [UDP Query User{DDEC6951-D42C-4736-AAD0-28D3C8EA06AC}C:\users\zbyse\appdata\local\roon\application\raatserver.exe] => (Allow) C:\users\zbyse\appdata\local\roon\application\raatserver.exe No File
FirewallRules: [{67D93152-320A-4885-81E4-B591B23D7697}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{47149AD9-BDCD-4AF8-B3A4-E155E0CA30B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1834D5BC-CCFA-4B09-AE79-17CF1F3ED1B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4D3359FD-660D-4EA5-B610-C5C98151075A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{E1E71045-AF2B-428F-88A6-DDFC5ADEE446}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe No File
FirewallRules: [UDP Query User{A436625B-CB21-4AA8-89FD-A4BAD4FD6425}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe No File
FirewallRules: [{C54F9EC6-3EA2-4461-B504-4AE565148478}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{97A539E0-73CC-4929-B250-C1A4792EE6B4}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{677122F5-308E-4FD8-BC59-552494366C5E}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{F1F1F5A4-281E-46E3-8314-4DA2AB9497DB}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{57E86A91-4926-4812-A453-4D77796A2A92}] => (Allow) D:\Programy\Steam\steamapps\common\Serious Sam Fusion 2017\Bin\x64\Sam2017.exe (GHI Media LLC -> Croteam)
FirewallRules: [{343767E7-A50A-43AD-B584-6405CBC638FC}] => (Allow) D:\Programy\Steam\steamapps\common\Serious Sam Fusion 2017\Bin\x64\Sam2017.exe (GHI Media LLC -> Croteam)
FirewallRules: [{ECF38348-8A25-49BC-AB32-D08A819DA4D1}] => (Allow) D:\Programy\Steam\steamapps\common\Serious Sam Fusion 2017\Bin\x64\Sam2017_Unrestricted.exe (GHI Media LLC -> Croteam)
FirewallRules: [{6B904297-5E62-45EC-87DD-38F474CA472D}] => (Allow) D:\Programy\Steam\steamapps\common\Serious Sam Fusion 2017\Bin\x64\Sam2017_Unrestricted.exe (GHI Media LLC -> Croteam)
FirewallRules: [{CB92BCE4-96AD-4DFA-9071-52E91043CC90}] => (Allow) D:\Programy\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{4B8B1B7F-7C83-4A3D-AED8-AD2CBD518A06}] => (Allow) D:\Programy\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{01A59F5E-B18C-4D36-99B6-ECACE1A5A1FF}] => (Allow) D:\Programy\Steam\steamapps\common\Farming Simulator 17\x86\FarmingSimulator2017Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{65AEC705-8609-4F75-899F-E98BD8958E6B}] => (Allow) D:\Programy\Steam\steamapps\common\Farming Simulator 17\x86\FarmingSimulator2017Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{47B75B07-FF6F-4A33-9273-796344E70E6D}] => (Allow) D:\Programy\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{DCFC5174-50FD-499D-BA2F-63618AC284E5}] => (Allow) D:\Programy\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{CD2B596B-47E7-4053-AD85-402AD50A2CD0}] => (Allow) D:\Programy\Steam\steamapps\common\Serious Sam Fusion 2017\Bin\x64\Sam2017.exe (GHI Media LLC -> Croteam)
FirewallRules: [{6A4D6825-162F-4E32-B615-F136E5BE352E}] => (Allow) D:\Programy\Steam\steamapps\common\Serious Sam Fusion 2017\Bin\x64\Sam2017.exe (GHI Media LLC -> Croteam)
FirewallRules: [{87DCBE85-1946-4D08-BB48-2CCE6AD03A4D}] => (Allow) D:\Programy\Steam\steamapps\common\Serious Sam Fusion 2017\Bin\x64\Sam2017_Unrestricted.exe (GHI Media LLC -> Croteam)
FirewallRules: [{79DF8A07-90FF-41A0-90F4-91529B1117A5}] => (Allow) D:\Programy\Steam\steamapps\common\Serious Sam Fusion 2017\Bin\x64\Sam2017_Unrestricted.exe (GHI Media LLC -> Croteam)
FirewallRules: [{E3E737AA-554C-4E9F-8B74-A251AAE7028F}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{4AC47E60-8204-4670-987A-AD762CC9B220}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{ECD003B9-0BC3-40A0-AD6E-4453BDBC5A2F}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{29090693-2895-4C8C-BA7C-543CFFE03CD5}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{A9CADF58-52E9-4BDF-874C-8BC10B8F4DDF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/14/2019 11:49:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.1, časové razítko: 0x1c1f7575
Kód výjimky: 0xc000041d
Posun chyby: 0x000060d7
ID chybujícího procesu: 0x2598
Čas spuštění chybující aplikace: 0x01d50a7c3552fb08
Cesta k chybující aplikaci: C:\Users\Zbyse\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: f0a0d47b-5839-4222-a95a-d9371c043bc9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/14/2019 06:35:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.1, časové razítko: 0x1c1f7575
Kód výjimky: 0xc000041d
Posun chyby: 0x000060d7
ID chybujícího procesu: 0x1a30
Čas spuštění chybující aplikace: 0x01d50a7027dfdde0
Cesta k chybující aplikaci: C:\Users\Zbyse\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: bc8f509f-86bb-48bb-b974-075b94f9793a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/14/2019 06:18:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: USB.exe, verze: 1.0.0.0, časové razítko: 0x4fa9f125
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0160cda2
ID chybujícího procesu: 0x2f90
Čas spuštění chybující aplikace: 0x01d50a709d26c63d
Cesta k chybující aplikaci: E:\Download\3DMark (10x) (1999-2006)\PerformanceTest 8.0 Build 1010 (neco jako 3DMark) - Insdtal + Portable\Portable\PerformanceTest 7 Build 1029 - 32bit Portable\USB.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 21fa4011-0c37-4c2e-913e-657690beadd5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/14/2019 06:17:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PassMark PerformanceTest 7.exe, verze: 7.0.1028.0, časové razítko: 0x4fa9f345
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x020fcda2
ID chybujícího procesu: 0x3544
Čas spuštění chybující aplikace: 0x01d50a709644a567
Cesta k chybující aplikaci: E:\Download\3DMark (10x) (1999-2006)\PerformanceTest 8.0 Build 1010 (neco jako 3DMark) - Insdtal + Portable\Portable\PerformanceTest 7 Build 1029 - 32bit Portable\PassMark PerformanceTest 7.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 9c1ab254-69f6-4d06-b44d-1ff60e5ac72c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/14/2019 12:02:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.1, časové razítko: 0x1c1f7575
Kód výjimky: 0xc000041d
Posun chyby: 0x000060d7
ID chybujícího procesu: 0x1e7c
Čas spuštění chybující aplikace: 0x01d509d477bd2ed2
Cesta k chybující aplikaci: C:\Users\Zbyse\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: b3383160-36af-470d-adcd-6edd789d7932
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/12/2019 10:18:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.1, časové razítko: 0x1c1f7575
Kód výjimky: 0xc000041d
Posun chyby: 0x000060d7
ID chybujícího procesu: 0x2374
Čas spuštění chybující aplikace: 0x01d508fe9df9256a
Cesta k chybující aplikaci: C:\Users\Zbyse\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 8e94314d-c759-46fb-9c0a-d6933259caf6
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/11/2019 11:40:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: nvcontainer.exe, verze: 1.15.2586.5913, časové razítko: 0x5c75252f
Název chybujícího modulu: nvcontainer.exe, verze: 1.15.2586.5913, časové razítko: 0x5c75252f
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000004fe35
ID chybujícího procesu: 0xd14
Čas spuštění chybující aplikace: 0x01d50320a7dcf71e
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
Cesta k chybujícímu modulu: C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
ID zprávy: 51a9c085-a789-4ecc-9d08-9d6fb7e87bba
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/11/2019 10:43:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.1, časové razítko: 0x1c1f7575
Kód výjimky: 0xc000041d
Posun chyby: 0x000060d7
ID chybujícího procesu: 0x2548
Čas spuštění chybující aplikace: 0x01d50827ba081b4c
Cesta k chybující aplikaci: C:\Users\Zbyse\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 08a30d03-6b28-41de-80a8-330046b8e504
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (05/15/2019 10:16:25 PM) (Source: DCOM) (EventID: 10016) (User: ZBYSEK)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli ZBYSEK\Zbyse (SID: S-1-5-21-2875399751-1358015588-351649890-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/15/2019 10:05:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/15/2019 10:04:22 PM) (Source: DCOM) (EventID: 10016) (User: ZBYSEK)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli ZBYSEK\Zbyse (SID: S-1-5-21-2875399751-1358015588-351649890-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/15/2019 10:02:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA NetworkService Container byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/15/2019 10:02:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (05/15/2019 10:02:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (05/15/2019 10:02:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/15/2019 10:02:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Adaptér výkonu rozhraní WMI byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.


Windows Defender:
===================================
Date: 2019-05-03 19:43:33.574
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4711C2F7-F6AE-4789-AAA3-C68E0CCAE993}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-05-03 19:37:27.508
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A3A84063-37E3-4BC3-81B8-7956ED25F34D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-05-03 19:30:33.697
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0C94BFDD-B295-48CE-88B4-7612196B82BC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-05-03 17:44:32.662
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {922515B5-4AAD-4845-830C-D0E99554237E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-05-01 21:27:58.184
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_E:\Download\3DMark (10x) (1999-2006)\3DMark 11 PRO (FULL)\keygen.exe; file:_E:\Download\3DMark (10x) (1999-2006)\3DMark 11 PRO v1.0 (32,64bit) FULL (7,Vista)\keygen.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: ZBYSEK\Zbyse
Název procesu: C:\Windows\System32\SearchProtocolHost.exe
Verze podpisu: AV: 1.293.600.0, AS: 1.293.600.0, NIS: 1.293.600.0
Verze modulu: AM: 1.1.15900.4, NIS: 1.1.15900.4

CodeIntegrity:
===================================

Date: 2019-05-04 16:48:12.615
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-04 16:48:12.612
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-04 16:48:12.609
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-25 19:16:02.927
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-25 19:16:02.924
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-25 19:16:02.920
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-23 15:17:29.105
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-23 15:17:29.102
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 3402 05/07/2012
Motherboard: ASUSTeK Computer INC. P8Z68-V GEN3
Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
Percentage of memory in use: 34%
Total physical RAM: 8159.14 MB
Available physical RAM: 5332.49 MB
Total Virtual: 9439.14 MB
Available Virtual: 5439.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:59.17 GB) (Free:12.23 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Dokumenty) (Fixed) (Total:1863.01 GB) (Free:426.63 GB) NTFS
Drive e: (Data Disc) (Fixed) (Total:2794.5 GB) (Free:196.89 GB) NTFS
Drive f: (Filmy) (Fixed) (Total:2794.5 GB) (Free:159.89 GB) NTFS

\\?\Volume{522522c6-0000-0000-0000-a0ca0e000000}\ () (Fixed) (Total:0.46 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 38EBBD95)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 59.6 GB) (Disk ID: 522522C6)
Partition 1: (Active) - (Size=59.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=470 MB) - (Type=27)

========================================================
Disk: 3 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Po spuštění se načítají internetové stránky

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

cormack
Návštěvník
Návštěvník
Příspěvky: 74
Registrován: 02 kvě 2008 06:18

Re: Po spuštění se načítají internetové stránky

#3 Příspěvek od cormack »

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-15-2019
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1372 octets] - [11/02/2019 18:18:46]
AdwCleaner[C00].txt - [1520 octets] - [11/02/2019 18:19:44]
AdwCleaner[S01].txt - [1372 octets] - [11/02/2019 18:22:22]
AdwCleaner[S02].txt - [1475 octets] - [11/02/2019 18:59:27]
AdwCleaner[C02].txt - [1641 octets] - [11/02/2019 18:59:53]
AdwCleaner[S03].txt - [1597 octets] - [16/04/2019 18:25:55]
AdwCleaner[C03].txt - [1763 octets] - [16/04/2019 18:26:19]
AdwCleaner[S04].txt - [1677 octets] - [16/04/2019 18:29:25]
AdwCleaner[S05].txt - [1738 octets] - [16/04/2019 18:34:20]
AdwCleaner[C05].txt - [1924 octets] - [16/04/2019 18:34:33]
AdwCleaner[S06].txt - [1860 octets] - [15/05/2019 21:55:06]
AdwCleaner[S07].txt - [1921 octets] - [15/05/2019 22:01:47]
AdwCleaner[C07].txt - [2107 octets] - [15/05/2019 22:02:57]
AdwCleaner[S08].txt - [2043 octets] - [15/05/2019 23:23:22]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C08].txt ##########

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Po spuštění se načítají internetové stránky

#4 Příspěvek od Conder »

:arrow: Zapni obnovu systemu
  • Stlac Win+R, napis "sysdm.cpl" (bez uvodzoviek) a stlac enter
  • Klikni na kartu Ochrana systemu a potom na Konfigurovat
  • Vyber moznost Zapnut ochranu systemu a klikni na OK
:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Supgam\Coretemp\Core Temp.exe
    CMD: type "C:\Users\Zbyse\AppData\Roaming\log_031618_005340.txt"
    CMD: type "C:\Users\Zbyse\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f"
    CMD: type "C:\Users\Zbyse\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf"
    CMD: type "C:\Users\Zbyse\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388"
    
    HKU\S-1-5-21-2875399751-1358015588-351649890-1001\...\Run: [Zbyse] => cmd.exe /c start http://www.dinoraptzor.org
    HKU\S-1-5-21-2875399751-1358015588-351649890-1001\...\MountPoints2: {85dd23d0-435a-11e9-af31-c86000168fe3} - "G:\HiSuiteDownLoader.exe" 
    HKU\S-1-5-21-2875399751-1358015588-351649890-1001\...\MountPoints2: {8b09c364-33c3-11e9-af30-c86000168fe3} - "G:\HiSuiteDownLoader.exe" 
    HKU\S-1-5-21-2875399751-1358015588-351649890-1001\...\MountPoints2: {da009285-51aa-11e9-af34-c86000168fe3} - "G:\Setup.exe" 
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2019-04-14] // No File
    GroupPolicy: Restriction ? <==== ATTENTION
    Task: {729A8C68-5635-4185-A041-FD5A6E9559E1} - System32\Tasks\Zbyse => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Zbyse /t REG_SZ /d "cmd.exe /c start http://www.dinoraptzor.org"
    CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
    CHR DefaultSearchKeyword: Default -> google.cz_
    S3 cpuz132; \??\C:\WINDOWS\TEMP\cpuz132\cpuz132_x64.sys [X]
    2018-05-11 18:02 - 2018-05-11 18:02 - 000000171 ____C () C:\Users\Zbyse\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
    2018-05-11 18:02 - 2018-05-11 18:02 - 000000304 ____C () C:\Users\Zbyse\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
    2018-05-11 18:02 - 2018-05-11 18:02 - 000000175 ____C () C:\Users\Zbyse\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388
    2018-03-14 00:31 - 2018-03-14 00:40 - 000015814 ____C () C:\Users\Zbyse\AppData\Roaming\log_031318_233106.txt
    2018-03-16 01:53 - 2018-03-16 01:58 - 000007812 ____C () C:\Users\Zbyse\AppData\Roaming\log_031618_005340.txt
    2017-10-12 18:52 - 2017-10-12 18:52 - 000000080 ____C () C:\Users\Zbyse\AppData\Roaming\log_101217_185219.txt
    2017-10-12 18:52 - 2017-10-12 18:52 - 000000080 ____C () C:\Users\Zbyse\AppData\Roaming\log_101217_185230.txt
    2017-10-12 18:53 - 2017-10-12 19:32 - 000036912 ____C () C:\Users\Zbyse\AppData\Roaming\log_101217_185304.txt
    2017-10-12 20:54 - 2017-10-12 21:28 - 000035652 ____C () C:\Users\Zbyse\AppData\Roaming\log_101217_205402.txt
    2017-11-21 22:40 - 2017-11-21 22:42 - 000003314 ____C () C:\Users\Zbyse\AppData\Roaming\log_112117_214050.txt
    2016-12-15 18:58 - 2018-11-09 17:39 - 000003523 ____C () C:\Users\Zbyse\AppData\Local\FSDownloader.err
    2016-12-15 18:57 - 2018-11-09 17:39 - 000001168 ____C () C:\Users\Zbyse\AppData\Local\FSDownloader.nast
    2017-05-27 22:15 - 2017-05-27 22:15 - 000140800 ____C () C:\Users\Zbyse\AppData\Local\installer.dat
    2018-09-28 18:30 - 2018-09-28 18:30 - 000000000 ____C () C:\Users\Zbyse\AppData\Local\oobelibMkey.log
    HKLM\...\StartupApproved\StartupFolder: => "Universal Media Server.lnk"
    HKU\S-1-5-21-2875399751-1358015588-351649890-1001\...\StartupApproved\StartupFolder: => "ahmedatef.exe"
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

cormack
Návštěvník
Návštěvník
Příspěvky: 74
Registrován: 02 kvě 2008 06:18

Re: Po spuštění se načítají internetové stránky

#5 Příspěvek od cormack »

Děkuji.

Tady to je:



Fix result of Farbar Recovery Scan Tool (x64) Version: 15-05.2019 01
Ran by Zbyse (16-05-2019 17:00:14) Run:2
Running from C:\Users\Zbyse\Desktop
Loaded Profiles: Zbyse (Available Profiles: Zbyse)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Supgam\Coretemp\Core Temp.exe
CMD: type "C:\Users\Zbyse\AppData\Roaming\log_031618_005340.txt"
CMD: type "C:\Users\Zbyse\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f"
CMD: type "C:\Users\Zbyse\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf"
CMD: type "C:\Users\Zbyse\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388"

HKU\S-1-5-21-2875399751-1358015588-351649890-1001\...\Run: [Zbyse] => cmd.exe /c start http://www.dinoraptzor.org
HKU\S-1-5-21-2875399751-1358015588-351649890-1001\...\MountPoints2: {85dd23d0-435a-11e9-af31-c86000168fe3} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2875399751-1358015588-351649890-1001\...\MountPoints2: {8b09c364-33c3-11e9-af30-c86000168fe3} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2875399751-1358015588-351649890-1001\...\MountPoints2: {da009285-51aa-11e9-af34-c86000168fe3} - "G:\Setup.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2019-04-14] // No File
GroupPolicy: Restriction ? <==== ATTENTION
Task: {729A8C68-5635-4185-A041-FD5A6E9559E1} - System32\Tasks\Zbyse => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Zbyse /t REG_SZ /d "cmd.exe /c start http://www.dinoraptzor.org"
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSearchKeyword: Default -> google.cz_
S3 cpuz132; \??\C:\WINDOWS\TEMP\cpuz132\cpuz132_x64.sys [X]
2018-05-11 18:02 - 2018-05-11 18:02 - 000000171 ____C () C:\Users\Zbyse\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
2018-05-11 18:02 - 2018-05-11 18:02 - 000000304 ____C () C:\Users\Zbyse\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
2018-05-11 18:02 - 2018-05-11 18:02 - 000000175 ____C () C:\Users\Zbyse\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388
2018-03-14 00:31 - 2018-03-14 00:40 - 000015814 ____C () C:\Users\Zbyse\AppData\Roaming\log_031318_233106.txt
2018-03-16 01:53 - 2018-03-16 01:58 - 000007812 ____C () C:\Users\Zbyse\AppData\Roaming\log_031618_005340.txt
2017-10-12 18:52 - 2017-10-12 18:52 - 000000080 ____C () C:\Users\Zbyse\AppData\Roaming\log_101217_185219.txt
2017-10-12 18:52 - 2017-10-12 18:52 - 000000080 ____C () C:\Users\Zbyse\AppData\Roaming\log_101217_185230.txt
2017-10-12 18:53 - 2017-10-12 19:32 - 000036912 ____C () C:\Users\Zbyse\AppData\Roaming\log_101217_185304.txt
2017-10-12 20:54 - 2017-10-12 21:28 - 000035652 ____C () C:\Users\Zbyse\AppData\Roaming\log_101217_205402.txt
2017-11-21 22:40 - 2017-11-21 22:42 - 000003314 ____C () C:\Users\Zbyse\AppData\Roaming\log_112117_214050.txt
2016-12-15 18:58 - 2018-11-09 17:39 - 000003523 ____C () C:\Users\Zbyse\AppData\Local\FSDownloader.err
2016-12-15 18:57 - 2018-11-09 17:39 - 000001168 ____C () C:\Users\Zbyse\AppData\Local\FSDownloader.nast
2017-05-27 22:15 - 2017-05-27 22:15 - 000140800 ____C () C:\Users\Zbyse\AppData\Local\installer.dat
2018-09-28 18:30 - 2018-09-28 18:30 - 000000000 ____C () C:\Users\Zbyse\AppData\Local\oobelibMkey.log
HKLM\...\StartupApproved\StartupFolder: => "Universal Media Server.lnk"
HKU\S-1-5-21-2875399751-1358015588-351649890-1001\...\StartupApproved\StartupFolder: => "ahmedatef.exe"

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 57
Average :
Sum : 13701356
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: C:\Supgam\Coretemp\Core Temp.exe ========================

C:\Supgam\Coretemp\Core Temp.exe
File not signed
MD5: 72A04007EFEF1825625D5AF3022D93C8
Creation and modification date: 2016-11-26 20:43 - 2012-01-25 14:59
Size: 000848336
Attributes: ----A
Company Name:
Internal Name: Core Temp
Original Name: Core Temp.exe
Product: Core Temp
Description: CPU temperature and system information utility
File Version: 1.0.0.0
Product Version: 1.0.0.0
Copyright: Copyright (C) 2006 - 2011 Alcpu
VirusTotal: https://www.virustotal.com/file/bba7d79 ... 514302717/

====== End of File: ======


========= type "C:\Users\Zbyse\AppData\Roaming\log_031618_005340.txt" =========

<00:53:40> [Comment] Mipl int started
<00:53:40> [Comment] Mipl init finished
<00:54:33> [Comment] WB 6500.000000 0.000000 -> 5687.769531 -9.024784
<00:54:33> [Comment] WB 6500.000000 0.000000 -> 5687.769531 -9.024784
<00:54:36> [Comment] WB 6500.000000 0.000000 -> 7033.270508 0.000000
<00:54:36> [Comment] WB 6500.000000 0.000000 -> 7033.270508 0.000000
<00:54:42> [Comment] WB 6500.000000 0.000000 -> 7212.688477 0.000000
<00:54:42> [Comment] WB 6500.000000 0.000000 -> 7212.688477 0.000000
<00:54:43> [Comment] WB 6500.000000 0.000000 -> 6093.884766 0.000000
<00:54:43> [Comment] WB 6500.000000 0.000000 -> 6093.884766 0.000000
<00:54:44> [Comment] WB 6500.000000 0.000000 -> 6093.884766 0.000000
<00:54:44> [Comment] WB 6500.000000 0.000000 -> 6093.884766 0.000000
<00:54:45> [Comment] WB 6500.000000 0.000000 -> 10005.896484 35.524426
<00:54:45> [Comment] WB 6500.000000 0.000000 -> 10005.896484 35.524426
<00:54:47> [Comment] WB 6500.000000 0.000000 -> 5622.709961 0.000000
<00:54:47> [Comment] WB 6500.000000 0.000000 -> 5622.709961 0.000000
<00:54:49> [Comment] WB 6500.000000 0.000000 -> 5885.044922 0.000000
<00:54:49> [Comment] WB 6500.000000 0.000000 -> 5885.044922 0.000000
<00:54:50> [Comment] WB 6500.000000 0.000000 -> 9174.658203 0.000000
<00:54:50> [Comment] WB 6500.000000 0.000000 -> 9174.658203 0.000000
<00:54:51> [Comment] WB 6500.000000 0.000000 -> 8114.833496 0.000000
<00:54:51> [Comment] WB 6500.000000 0.000000 -> 8114.833496 0.000000
<00:54:51> [Comment] WB 6500.000000 0.000000 -> 8371.836914 0.000000
<00:54:51> [Comment] WB 6500.000000 0.000000 -> 8371.836914 0.000000
<00:54:56> [Comment] WB 6500.000000 0.000000 -> 5687.769531 -9.024784
<00:54:56> [Comment] WB 6500.000000 0.000000 -> 5687.769531 -9.024784
<00:55:27> [Comment] WB 6500.000000 0.000000 -> 5687.769531 -9.024784
<00:55:27> [Comment] WB 6500.000000 0.000000 -> 5687.769531 -9.024784
<00:55:29> [Comment] WB 6500.000000 0.000000 -> 7033.270508 0.000000
<00:55:29> [Comment] WB 6500.000000 0.000000 -> 7033.270508 0.000000
<00:55:34> [Comment] WB 6500.000000 0.000000 -> 7212.688477 0.000000
<00:55:34> [Comment] WB 6500.000000 0.000000 -> 7212.688477 0.000000
<00:55:36> [Comment] WB 6500.000000 0.000000 -> 6093.884766 0.000000
<00:55:36> [Comment] WB 6500.000000 0.000000 -> 6093.884766 0.000000
<00:55:37> [Comment] WB 6500.000000 0.000000 -> 6093.884766 0.000000
<00:55:37> [Comment] WB 6500.000000 0.000000 -> 6093.884766 0.000000
<00:55:38> [Comment] WB 6500.000000 0.000000 -> 10005.896484 35.524426
<00:55:38> [Comment] WB 6500.000000 0.000000 -> 10005.896484 35.524426
<00:55:40> [Comment] WB 6500.000000 0.000000 -> 5622.709961 0.000000
<00:55:40> [Comment] WB 6500.000000 0.000000 -> 5622.709961 0.000000
<00:55:42> [Comment] WB 6500.000000 0.000000 -> 5885.044922 0.000000
<00:55:42> [Comment] WB 6500.000000 0.000000 -> 5885.044922 0.000000
<00:55:43> [Comment] WB 6500.000000 0.000000 -> 9174.658203 0.000000
<00:55:43> [Comment] WB 6500.000000 0.000000 -> 9174.658203 0.000000
<00:55:43> [Comment] WB 6500.000000 0.000000 -> 8114.833496 0.000000
<00:55:43> [Comment] WB 6500.000000 0.000000 -> 8114.833496 0.000000
<00:55:43> [Comment] WB 6500.000000 0.000000 -> 8371.836914 0.000000
<00:55:43> [Comment] WB 6500.000000 0.000000 -> 8371.836914 0.000000
<00:55:52> [Comment] WB 6500.000000 0.000000 -> 7033.270508 0.000000
<00:55:52> [Comment] WB 6500.000000 0.000000 -> 7033.270508 0.000000
<00:56:33> [Comment] WB 6500.000000 0.000000 -> 5687.769531 -9.024784
<00:56:33> [Comment] WB 6500.000000 0.000000 -> 5687.769531 -9.024784
<00:56:33> [Comment] WB 6500.000000 0.000000 -> 7033.270508 0.000000
<00:56:33> [Comment] WB 6500.000000 0.000000 -> 7033.270508 0.000000
<00:56:34> [Comment] WB 6500.000000 0.000000 -> 7033.270508 0.000000
<00:56:34> [Comment] WB 6500.000000 0.000000 -> 7033.270508 0.000000
<00:56:39> [Comment] WB 6500.000000 0.000000 -> 7212.688477 0.000000
<00:56:39> [Comment] WB 6500.000000 0.000000 -> 7212.688477 0.000000
<00:56:41> [Comment] WB 6500.000000 0.000000 -> 6093.884766 0.000000
<00:56:41> [Comment] WB 6500.000000 0.000000 -> 6093.884766 0.000000
<00:56:42> [Comment] WB 6500.000000 0.000000 -> 6093.884766 0.000000
<00:56:42> [Comment] WB 6500.000000 0.000000 -> 6093.884766 0.000000
<00:56:43> [Comment] WB 6500.000000 0.000000 -> 10005.896484 35.524426
<00:56:43> [Comment] WB 6500.000000 0.000000 -> 10005.896484 35.524426
<00:56:44> [Comment] WB 6500.000000 0.000000 -> 5622.709961 0.000000
<00:56:44> [Comment] WB 6500.000000 0.000000 -> 5622.709961 0.000000
<00:56:45> [Comment] WB 6500.000000 0.000000 -> 5885.044922 0.000000
<00:56:45> [Comment] WB 6500.000000 0.000000 -> 5885.044922 0.000000
<00:56:47> [Comment] WB 6500.000000 0.000000 -> 9174.658203 0.000000
<00:56:47> [Comment] WB 6500.000000 0.000000 -> 9174.658203 0.000000
<00:56:47> [Comment] WB 6500.000000 0.000000 -> 8114.833496 0.000000
<00:56:47> [Comment] WB 6500.000000 0.000000 -> 8114.833496 0.000000
<00:56:48> [Comment] WB 6500.000000 0.000000 -> 8371.836914 0.000000
<00:56:48> [Comment] WB 6500.000000 0.000000 -> 8371.836914 0.000000
<00:57:23> [Comment] WB 6500.000000 0.000000 -> 5687.769531 -9.024784
<00:57:23> [Comment] WB 6500.000000 0.000000 -> 5687.769531 -9.024784
<00:57:25> [Comment] WB 6500.000000 0.000000 -> 7033.270508 0.000000
<00:57:25> [Comment] WB 6500.000000 0.000000 -> 7033.270508 0.000000
<00:57:30> [Comment] WB 6500.000000 0.000000 -> 7212.688477 0.000000
<00:57:30> [Comment] WB 6500.000000 0.000000 -> 7212.688477 0.000000
<00:57:31> [Comment] WB 6500.000000 0.000000 -> 6093.884766 0.000000
<00:57:31> [Comment] WB 6500.000000 0.000000 -> 6093.884766 0.000000
<00:57:32> [Comment] WB 6500.000000 0.000000 -> 6093.884766 0.000000
<00:57:32> [Comment] WB 6500.000000 0.000000 -> 6093.884766 0.000000
<00:57:33> [Comment] WB 6500.000000 0.000000 -> 10005.896484 35.524426
<00:57:33> [Comment] WB 6500.000000 0.000000 -> 10005.896484 35.524426
<00:57:34> [Comment] WB 6500.000000 0.000000 -> 5622.709961 0.000000
<00:57:34> [Comment] WB 6500.000000 0.000000 -> 5622.709961 0.000000
<00:57:41> [Comment] WB 6500.000000 0.000000 -> 5687.769531 -9.024784
<00:57:41> [Comment] WB 6500.000000 0.000000 -> 5687.769531 -9.024784
<00:57:43> [Comment] WB 6500.000000 0.000000 -> 7033.270508 0.000000
<00:57:43> [Comment] WB 6500.000000 0.000000 -> 7033.270508 0.000000
<00:57:47> [Comment] WB 6500.000000 0.000000 -> 7033.270508 0.000000
<00:57:47> [Comment] WB 6500.000000 0.000000 -> 7033.270508 0.000000
<00:57:47> [Comment] WB 6500.000000 0.000000 -> 7212.688477 0.000000
<00:57:47> [Comment] WB 6500.000000 0.000000 -> 7212.688477 0.000000
<00:57:49> [Comment] WB 6500.000000 0.000000 -> 6093.884766 0.000000
<00:57:49> [Comment] WB 6500.000000 0.000000 -> 6093.884766 0.000000
<00:57:50> [Comment] WB 6500.000000 0.000000 -> 6093.884766 0.000000
<00:57:50> [Comment] WB 6500.000000 0.000000 -> 6093.884766 0.000000
<00:57:51> [Comment] WB 6500.000000 0.000000 -> 10005.896484 35.524426
<00:57:51> [Comment] WB 6500.000000 0.000000 -> 10005.896484 35.524426
<00:57:53> [Comment] WB 6500.000000 0.000000 -> 5622.709961 0.000000
<00:57:53> [Comment] WB 6500.000000 0.000000 -> 5622.709961 0.000000
<00:57:54> [Comment] WB 6500.000000 0.000000 -> 5885.044922 0.000000
<00:57:54> [Comment] WB 6500.000000 0.000000 -> 5885.044922 0.000000
<00:57:56> [Comment] WB 6500.000000 0.000000 -> 9174.658203 0.000000
<00:57:56> [Comment] WB 6500.000000 0.000000 -> 9174.658203 0.000000
<00:57:56> [Comment] WB 6500.000000 0.000000 -> 8114.833496 0.000000
<00:57:56> [Comment] WB 6500.000000 0.000000 -> 8114.833496 0.000000
<00:57:56> [Comment] WB 6500.000000 0.000000 -> 8371.836914 0.000000
<00:57:56> [Comment] WB 6500.000000 0.000000 -> 8371.836914 0.000000

========= End of CMD: =========


========= type "C:\Users\Zbyse\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f" =========

PK U«L3 7>; 4 drm.xmlłíÝ/1‰/ő™EĹ#tążÎ›Ö`’üT®ö±Lä:Q˛°{çÍžý•owĐŇ]FźLźŻ#¤Ů ­“PK U«L3 7>; 4 drm.xmlPK 5 `
========= End of CMD: =========


========= type "C:\Users\Zbyse\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf" =========

PK U«LKcĄo3 / uhc.xmlŔ”pŠˆ¤EG˛ đ† &«C®·§ŃC¶¶b»ˆOÁh„¤µŔłQm/}/{Č:ż)ÝQ5PK U«LKcĄo3 / uhr.xml9ń¤vÄCě89żŃ"äÎó\CłĎ Ç!ăîřTłé¦ëHôä Ô>mÇ«dXfJů–PK U«LKcĄo3 / uhc.xmlPK U«LKcĄo3 / X uhr.xmlPK j °
========= End of CMD: =========



= = = = = = = = = t y p e " C : \ U s e r s \ Z b y s e \ A p p D a t a \ R o a m i n g \ f c 1 9 e c e 2 - 6 b 3 f - 4 f 2 2 - 8 7 5 8 - 9 6 5 1 a b 9 c a 3 8 8 " = = = = = = = = =



KP UL«cKoĄ 3 /
ihifuaid.omxWlţ_)Yo†z0„Îş*»Č*tĄ2S¶
şq…Ŕ
‘vŹŠĂ>Ó'ᮃ)¶óűÔoOKP UL«cKoĄ 3 /
ihifuaid.omxPlK ; ^

= = = = = = = = = E n d o f C M D : = = = = = = = = =



" H K U \ S - 1 - 5 - 2 1 - 2 8 7 5 3 9 9 7 5 1 - 1 3 5 8 0 1 5 5 8 8 - 3 5 1 6 4 9 8 9 0 - 1 0 0 1 \ S o f t w a r e \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ R u n \ \ Z b y s e " = > r e m o v e d s u c c e s s f u l l y

H K U \ S - 1 - 5 - 2 1 - 2 8 7 5 3 9 9 7 5 1 - 1 3 5 8 0 1 5 5 8 8 - 3 5 1 6 4 9 8 9 0 - 1 0 0 1 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ E x p l o r e r \ M o u n t P o i n t s 2 \ { 8 5 d d 2 3 d 0 - 4 3 5 a - 1 1 e 9 - a f 3 1 - c 8 6 0 0 0 1 6 8 f e 3 } = > r e m o v e d s u c c e s s f u l l y

H K L M \ S o f t w a r e \ C l a s s e s \ C L S I D \ { 8 5 d d 2 3 d 0 - 4 3 5 a - 1 1 e 9 - a f 3 1 - c 8 6 0 0 0 1 6 8 f e 3 } = > n o t f o u n d

H K U \ S - 1 - 5 - 2 1 - 2 8 7 5 3 9 9 7 5 1 - 1 3 5 8 0 1 5 5 8 8 - 3 5 1 6 4 9 8 9 0 - 1 0 0 1 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ E x p l o r e r \ M o u n t P o i n t s 2 \ { 8 b 0 9 c 3 6 4 - 3 3 c 3 - 1 1 e 9 - a f 3 0 - c 8 6 0 0 0 1 6 8 f e 3 } = > r e m o v e d s u c c e s s f u l l y

H K L M \ S o f t w a r e \ C l a s s e s \ C L S I D \ { 8 b 0 9 c 3 6 4 - 3 3 c 3 - 1 1 e 9 - a f 3 0 - c 8 6 0 0 0 1 6 8 f e 3 } = > n o t f o u n d

H K U \ S - 1 - 5 - 2 1 - 2 8 7 5 3 9 9 7 5 1 - 1 3 5 8 0 1 5 5 8 8 - 3 5 1 6 4 9 8 9 0 - 1 0 0 1 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ E x p l o r e r \ M o u n t P o i n t s 2 \ { d a 0 0 9 2 8 5 - 5 1 a a - 1 1 e 9 - a f 3 4 - c 8 6 0 0 0 1 6 8 f e 3 } = > r e m o v e d s u c c e s s f u l l y

H K L M \ S o f t w a r e \ C l a s s e s \ C L S I D \ { d a 0 0 9 2 8 5 - 5 1 a a - 1 1 e 9 - a f 3 4 - c 8 6 0 0 0 1 6 8 f e 3 } = > n o t f o u n d

C : \ P r o g r a m D a t a \ M i c r o s o f t \ W i n d o w s \ S t a r t M e n u \ P r o g r a m s \ S t a r t u p \ U n i v e r s a l M e d i a S e r v e r . l n k = > m o v e d s u c c e s s f u l l y

C : \ W I N D O W S \ s y s t e m 3 2 \ G r o u p P o l i c y \ M a c h i n e = > m o v e d s u c c e s s f u l l y

C : \ W I N D O W S \ s y s t e m 3 2 \ G r o u p P o l i c y \ G P T . i n i = > m o v e d s u c c e s s f u l l y

C : \ W I N D O W S \ S y s W O W 6 4 \ G r o u p P o l i c y \ G P T . i n i = > m o v e d s u c c e s s f u l l y

" H K L M \ S o f t w a r e \ M i c r o s o f t \ W i n d o w s N T \ C u r r e n t V e r s i o n \ S c h e d u l e \ T a s k C a c h e \ B o o t \ { 7 2 9 A 8 C 6 8 - 5 6 3 5 - 4 1 8 5 - A 0 4 1 - F D 5 A 6 E 9 5 5 9 E 1 } " = > r e m o v e d s u c c e s s f u l l y

" H K L M \ S o f t w a r e \ M i c r o s o f t \ W i n d o w s N T \ C u r r e n t V e r s i o n \ S c h e d u l e \ T a s k C a c h e \ T a s k s \ { 7 2 9 A 8 C 6 8 - 5 6 3 5 - 4 1 8 5 - A 0 4 1 - F D 5 A 6 E 9 5 5 9 E 1 } " = > r e m o v e d s u c c e s s f u l l y

C : \ W I N D O W S \ S y s t e m 3 2 \ T a s k s \ Z b y s e = > m o v e d s u c c e s s f u l l y

" H K L M \ S o f t w a r e \ M i c r o s o f t \ W i n d o w s N T \ C u r r e n t V e r s i o n \ S c h e d u l e \ T a s k C a c h e \ T r e e \ Z b y s e " = > r e m o v e d s u c c e s s f u l l y

" C h r o m e S t a r t u p U r l s " = > r e m o v e d s u c c e s s f u l l y

" C h r o m e D e f a u l t S e a r c h K e y w o r d " = > r e m o v e d s u c c e s s f u l l y

H K L M \ S y s t e m \ C u r r e n t C o n t r o l S e t \ S e r v i c e s \ c p u z 1 3 2 = > r e m o v e d s u c c e s s f u l l y

c p u z 1 3 2 = > s e r v i c e r e m o v e d s u c c e s s f u l l y

C : \ U s e r s \ Z b y s e \ A p p D a t a \ R o a m i n g \ 1 e b 7 6 6 f 2 - f e d 1 - 4 d 3 3 - 9 c 3 9 - 2 c 8 a 9 7 2 f d 1 1 f = > m o v e d s u c c e s s f u l l y

C : \ U s e r s \ Z b y s e \ A p p D a t a \ R o a m i n g \ 4 e 9 3 a a 1 1 - 2 d 4 6 - 4 9 8 0 - a 4 2 1 - 0 a 4 a c 7 5 9 e 5 b f = > m o v e d s u c c e s s f u l l y

C : \ U s e r s \ Z b y s e \ A p p D a t a \ R o a m i n g \ f c 1 9 e c e 2 - 6 b 3 f - 4 f 2 2 - 8 7 5 8 - 9 6 5 1 a b 9 c a 3 8 8 = > m o v e d s u c c e s s f u l l y

C : \ U s e r s \ Z b y s e \ A p p D a t a \ R o a m i n g \ l o g _ 0 3 1 3 1 8 _ 2 3 3 1 0 6 . t x t = > m o v e d s u c c e s s f u l l y

C : \ U s e r s \ Z b y s e \ A p p D a t a \ R o a m i n g \ l o g _ 0 3 1 6 1 8 _ 0 0 5 3 4 0 . t x t = > m o v e d s u c c e s s f u l l y

C : \ U s e r s \ Z b y s e \ A p p D a t a \ R o a m i n g \ l o g _ 1 0 1 2 1 7 _ 1 8 5 2 1 9 . t x t = > m o v e d s u c c e s s f u l l y

C : \ U s e r s \ Z b y s e \ A p p D a t a \ R o a m i n g \ l o g _ 1 0 1 2 1 7 _ 1 8 5 2 3 0 . t x t = > m o v e d s u c c e s s f u l l y

C : \ U s e r s \ Z b y s e \ A p p D a t a \ R o a m i n g \ l o g _ 1 0 1 2 1 7 _ 1 8 5 3 0 4 . t x t = > m o v e d s u c c e s s f u l l y

C : \ U s e r s \ Z b y s e \ A p p D a t a \ R o a m i n g \ l o g _ 1 0 1 2 1 7 _ 2 0 5 4 0 2 . t x t = > m o v e d s u c c e s s f u l l y

C : \ U s e r s \ Z b y s e \ A p p D a t a \ R o a m i n g \ l o g _ 1 1 2 1 1 7 _ 2 1 4 0 5 0 . t x t = > m o v e d s u c c e s s f u l l y

C : \ U s e r s \ Z b y s e \ A p p D a t a \ L o c a l \ F S D o w n l o a d e r . e r r = > m o v e d s u c c e s s f u l l y

C : \ U s e r s \ Z b y s e \ A p p D a t a \ L o c a l \ F S D o w n l o a d e r . n a s t = > m o v e d s u c c e s s f u l l y

C : \ U s e r s \ Z b y s e \ A p p D a t a \ L o c a l \ i n s t a l l e r . d a t = > m o v e d s u c c e s s f u l l y

C : \ U s e r s \ Z b y s e \ A p p D a t a \ L o c a l \ o o b e l i b M k e y . l o g = > m o v e d s u c c e s s f u l l y

" C : \ P r o g r a m D a t a \ M i c r o s o f t \ W i n d o w s \ S t a r t M e n u \ P r o g r a m s \ S t a r t u p \ U n i v e r s a l M e d i a S e r v e r . l n k " = > n o t f o u n d

" H K L M \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ E x p l o r e r \ S t a r t u p A p p r o v e d \ S t a r t u p F o l d e r \ \ U n i v e r s a l M e d i a S e r v e r . l n k " = > r e m o v e d s u c c e s s f u l l y

" C : \ U s e r s \ Z b y s e \ A p p D a t a \ R o a m i n g \ M i c r o s o f t \ W i n d o w s \ S t a r t M e n u \ P r o g r a m s \ S t a r t u p \ a h m e d a t e f . e x e " = > n o t f o u n d

" H K U \ S - 1 - 5 - 2 1 - 2 8 7 5 3 9 9 7 5 1 - 1 3 5 8 0 1 5 5 8 8 - 3 5 1 6 4 9 8 9 0 - 1 0 0 1 \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ E x p l o r e r \ S t a r t u p A p p r o v e d \ S t a r t u p F o l d e r \ \ a h m e d a t e f . e x e " = > r e m o v e d s u c c e s s f u l l y

C : \ W i n d o w s \ S y s t e m 3 2 \ D r i v e r s \ e t c \ h o s t s = > m o v e d s u c c e s s f u l l y

H o s t s r e s t o r e d s u c c e s s f u l l y .



= = = = = = = = = = = E m p t y T e m p : = = = = = = = = = =



B I T S t r a n s f e r q u e u e = > 1 0 2 4 8 1 9 2 B

D O M S t o r e , I E R e c o v e r y , A p p C a c h e , F e e d s C a c h e , T h u m b c a c h e , I c o n C a c h e = > 3 8 9 5 4 5 4 3 3 B

J a v a , F l a s h , S t e a m h t m l c a c h e = > 3 7 5 1 9 0 3 4 B

W i n d o w s / s y s t e m / d r i v e r s = > 1 0 2 3 1 1 7 9 B

E d g e = > 1 4 4 3 1 8 8 3 B

C h r o m e = > 3 6 0 5 4 8 1 1 9 B

F i r e f o x = > 2 7 3 3 0 9 4 3 1 B

O p e r a = > 0 B



T e m p , I E c a c h e , h i s t o r y , c o o k i e s , r e c e n t :

D e f a u l t = > 0 B

U s e r s = > 0 B

P r o g r a m D a t a = > 0 B

P u b l i c = > 0 B

s y s t e m p r o f i l e = > 0 B

s y s t e m p r o f i l e 3 2 = > 0 B

L o c a l S e r v i c e = > 0 B

L o c a l S e r v i c e = > 0 B

N e t w o r k S e r v i c e = > 0 B

N e t w o r k S e r v i c e = > 0 B

Z b y s e = > 7 0 8 7 8 6 9 B



R e c y c l e B i n = > 0 B

E m p t y T e m p : = > 1 G B t e m p o r a r y d a t a R e m o v e d .



= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =





T h e s y s t e m n e e d e d a r e b o o t .



= = = = E n d o f F i x l o g 1 7 : 0 5 : 1 8 = = = =

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Po spuštění se načítají internetové stránky

#6 Příspěvek od Conder »

:arrow: Ako to vyzera s PC? Nastala nejaka zmena alebo su este nejake problemy?
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

cormack
Návštěvník
Návštěvník
Příspěvky: 74
Registrován: 02 kvě 2008 06:18

Re: Po spuštění se načítají internetové stránky

#7 Příspěvek od cormack »

Moc děkuji za pomoc!

Vše v pořádku, PC se zdá být čisté.

C.

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Po spuštění se načítají internetové stránky

#8 Příspěvek od Conder »

:arrow: Tak este upraceme po pouzitych nastrojoch:
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

cormack
Návštěvník
Návštěvník
Příspěvky: 74
Registrován: 02 kvě 2008 06:18

Re: Po spuštění se načítají internetové stránky

#9 Příspěvek od cormack »

Provedeno.

Děkuji za pomoc!

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Po spuštění se načítají internetové stránky

#10 Příspěvek od Conder »

Nie je zaco, rad som pomohol :)
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Odpovědět