Post subject: Slow laptop + overheating
Posted: 15 May 2019 18:26
Hello, I would like to ask for help. Lately the laptop has been slow, but the main problem is that it starts to overheat, for example when watching a film. The cooling runs at full blast, but the laptop then freezes anyway and drops to a blue screen with text. I don't even have time to read the text; the display then turns off and the laptop stays that way until I hard power it off.

Here is the FRST log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-05.2019 01
Ran by Zdenka (administrator) on SAMSUNG_NB (SAMSUNG ELECTRONICS CO., LTD. 300E4A/300E5A/300E7A) (15-05-2019 19:17:17)
Running from C:\Users\Zdenka\Desktop
Loaded Profiles: UpdatusUser & Zdenka (Available Profiles: UpdatusUser & Zdenka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ACD Systems International Inc -> ACD Systems International Inc.) C:\Program Files (x86)\Common Files\ACD Systems\EN\DevDetect.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ChengDu AoMei Tech Co., Ltd -> AOMEI Tech Co., Ltd.) [File not signed] C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Intel Corporation - Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Intel Corporation - Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation - Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation - Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation - Mobile Wireless Group -> Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\winampa.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics) [File not signed] C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
(Samsung Electronics CO., LTD. -> SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12558440 2011-07-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10372368 2011-03-30] (Intel Corporation - Mobile Wireless Group -> Intel Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2721576 2011-06-17] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [9263944 2011-10-07] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [EaseUS TB Tray Agent] => C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe [253992 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\...\Run: [Device Detector] => DevDetect.exe -autorun
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\...\Run: [Google Update] => C:\Users\Zdenka\AppData\Local\Google\Update\1.3.34.7\GoogleUpdateCore.exe [752424 2019-04-01] (Google Inc -> Google LLC)
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\...\Run: [Spotify] => C:\Users\Zdenka\AppData\Roaming\Spotify\Spotify.exe [25817832 2019-05-12] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22515488 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\...\MountPoints2: {8420665a-0e6d-11e5-8b74-dca97166f1f6} - G:\Startme.exe
HKLM\...\Drivers32: [VIDC.ACDV] => ACDV.dll
HKLM\...\Drivers32-x32: [VIDC.ACDV] => ACDV.dll
HKLM\...\Drivers32: [vidc.VP60] => C:\windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [226920 2011-06-05] (NVIDIA Corporation -> NVIDIA Corporation)
AppInit_DLLs: C:\windows\system32\guard64.dll => C:\windows\system32\guard64.dll [388280 2011-10-07] (Comodo Security Solutions, Inc. -> COMODO)
AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [193128 2011-06-05] (NVIDIA Corporation -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\windows\SysWOW64\guard32.dll => C:\windows\SysWOW64\guard32.dll [300200 2011-10-07] (Comodo Security Solutions, Inc. -> COMODO)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0198F9E9-3AE7-47E3-AE8B-4702DA3721B2} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {0198F9E9-3AE7-47E3-AE8B-4702DA3721B2} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\windows\system32\GWX\GWXDetector.exe [354816 [354816 2015-12-08]] (Microsoft Windows -> Microsoft Corporation)
Task: {04C3A23B-B6DE-4ED1-9204-1BB952FDEEC1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {04C3A23B-B6DE-4ED1-9204-1BB952FDEEC1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {04C3A23B-B6DE-4ED1-9204-1BB952FDEEC1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\windows\system32\GWX\GWXDetector.exe [354816 [354816 2015-12-08]] (Microsoft Windows -> Microsoft Corporation)
Task: {0780B7D1-2474-4A69-B531-EE50935F2A97} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_Plugin.exe [1457208 2019-05-14] (Adobe Inc. -> Adobe)
Task: {0B178AAC-79FD-48E4-AA6D-632C4EA3537E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2234519877-4043553204-3602242062-1001UA => C:\Users\Zdenka\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {0E49BBCF-A203-4CC5-8EC5-C026FB9BE446} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {0E49BBCF-A203-4CC5-8EC5-C026FB9BE446} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\windows\system32\GWX\GWXDetector.exe [354816 [354816 2015-12-08]] (Microsoft Windows -> Microsoft Corporation)
Task: {216EA3A1-C64E-4979-A369-B088EE343DC8} - System32\Tasks\{DB30F249-C942-418B-85EB-34C6C2746EED} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.7.0.102/cs/a ... age=tsMain
Task: {23A5B4D0-475A-4B4A-991B-C8D9009C7E2F} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [4403280 2011-06-24] (Samsung Electronics CO., LTD. -> SEC)
Task: {23CBE672-B110-4FCE-9CEF-8FC674BEC1FF} - System32\Tasks\{FD31B3C0-D273-41C5-83EF-E26E5600AD49} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.5.0.158/cs/a ... rogressBar
Task: {3B6A32A0-80A2-4649-BAEF-5FDE7880E91B} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe
Task: {6744045E-8C3D-4580-AC7A-A82C89648BAB} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [1087056 2011-09-06] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {67E6BBEB-0108-4804-9403-0A1EFAE0346A} - System32\Tasks\{D7AB1216-39FB-4085-9661-7BD76CDDC5BA} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?sou ... tError=404
Task: {6AD1D9ED-3771-41E8-A3E1-79F4348C0BA9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {7EB7E02C-70CB-4DE3-B89A-FFDC8DBFBE9C} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe
Task: {8950C707-30A8-4E0A-933F-0AD31826DD1B} - System32\Tasks\{2EBD2048-0AA7-43B6-AFDF-19128B889465} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?sou ... tError=404
Task: {8DF1F60F-ED33-4487-8E0E-1AAB87C2C8CE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {8DF1F60F-ED33-4487-8E0E-1AAB87C2C8CE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\windows\system32\GWX\GWXDetector.exe [354816 [354816 2015-12-08]] (Microsoft Windows -> Microsoft Corporation)
Task: {8E3AF7CE-8197-4BC2-904B-D4F2784C6AAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {8FCAF242-1508-48A3-B718-B03AD4F6409E} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-14] (Adobe Inc. -> Adobe)
Task: {A08AFE32-024C-4AFE-BAF7-18D4D8CBFD88} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe [2275408 2011-09-06] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {A1420425-8CD8-4AE5-BA0E-7D7ED139A3F4} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe [5458312 2011-09-28] (Samsung Electronics CO., LTD. -> Samsung Electronics) [File not signed]
Task: {BFED0563-7535-46BF-AD2D-2C6FD68264FC} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [784976 2011-08-19] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {C1AB83A7-4510-4422-B69A-33A7C6ED2514} - System32\Tasks\{8CB90008-39CD-43F8-96D2-5F6FD6CBED19} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.5.0.158/cs/a ... rogressBar
Task: {D5EF58E2-2CE6-4F63-8623-0DE46CB8BECC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {D78AC45F-D16D-4D68-980D-FD68CE959E56} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2234519877-4043553204-3602242062-1001Core => C:\Users\Zdenka\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {E4CECE60-6EC5-4082-9F92-C372214588CE} - System32\Tasks\{F70370A2-7667-49BC-ABA1-221F46DD93E3} => C:\windows\system32\pcalua.exe -a "D:\Windows Commander\WinCmd32.exe" -d "D:\Windows Commander"
Task: {EA27D2DC-D4C3-415D-9ABE-E3DE3778AB87} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [3468880 2011-08-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {FC8BF032-614F-4955-8988-67F2FBCF512B} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [369232 2011-08-19] (Samsung Electronics CO., LTD. -> SAMSUNG Electronics co., LTD.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2449EEFA-C9C4-451D-92C2-FF60079CA430}: [DhcpNameServer] 193.138.228.127 91.148.254.5
Tcpip\..\Interfaces\{8450E59B-A367-43AA-A007-18BA68670106}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B236B5F9-65E2-493C-BC77-966EC4867725}: [DhcpNameServer] 77.48.254.254 77.48.100.254 192.168.200.1

Internet Explorer:
==================
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/red ... 685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20120305163855738&tb_oid=05-03-2012&tb_mrud=05-03-2012
SearchScopes: HKU\S-1-5-21-2234519877-4043553204-3602242062-1001 -> {E7E90CB1-DD56-4B63-879E-E11B4BCB3331} URL = hxxp://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=T8&apn_dtid=YYYYYYYYCZ&apn_uid=19c59da4-8b42-445c-8745-458debe2c04c&apn_sauid=7E3B8E43-B90A-4161-AF43-2A0217432244
SearchScopes: HKU\S-1-5-21-2234519877-4043553204-3602242062-1001 -> {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/red ... 685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20120305163855738&tb_oid=05-03-2012&tb_mrud=05-03-2012
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-06] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-05-15] (Google Inc -> Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll [2011-03-19] (Adobe Systems Incorporated -> Adobe Systems, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-05-15] (Google Inc -> Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-06] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-05-15] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll [2011-03-19] (Adobe Systems Incorporated -> Adobe Systems, Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-05-15] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-2234519877-4043553204-3602242062-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-05-15] (Google Inc -> Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Software Sarl -> Skype Technologies)

FireFox:
========
FF DefaultProfile: kh9vblfa.zdenicka-1516003762457
FF ProfilePath: C:\Users\Zdenka\AppData\Roaming\Mozilla\Firefox\Profiles\uyv7zs62.default-1419764199860 [2019-05-14]
FF ProfilePath: C:\Users\Zdenka\AppData\Roaming\Mozilla\Firefox\Profiles\kh9vblfa.zdenicka-1516003762457 [2019-05-15]
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\Zdenka\AppData\Roaming\Mozilla\Firefox\Profiles\kh9vblfa.zdenicka-1516003762457\Extensions\hotfix-update-xpi-intermediate@mozilla.com.xpi [2019-05-09]
FF Extension: (Viewer Plus) - C:\Users\Zdenka\AppData\Roaming\Mozilla\Firefox\Profiles\kh9vblfa.zdenicka-1516003762457\Extensions\{880cacfe-5793-4346-89ce-fbbd368d394c}.xpi [2019-04-07]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: (Adobe Contribute Toolbar) - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2012-02-22] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_192.dll [2019-05-14] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_192.dll [2019-05-14] (Adobe Inc. -> )
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] (Apple Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc -> Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2234519877-4043553204-3602242062-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Zdenka\AppData\Local\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-01] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-2234519877-4043553204-3602242062-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Zdenka\AppData\Local\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-01] (Google Inc -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Zdenka\AppData\Local\Google\Chrome\User Data\Default [2019-05-14]
CHR Extension: (Adobe Acrobat) - C:\Users\Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-04-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-12]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.WZGQLCYF5OSO67DAKZ4YCIM3DM - C:\Users\Zdenka\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc. -> Apple Inc.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [29912 2015-09-15] (ChengDu AoMei Tech Co., Ltd -> AOMEI Tech Co., Ltd.) [File not signed]
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2663568 2011-10-07] (Comodo Security Solutions, Inc. -> COMODO)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36904 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ambakdrv; C:\windows\System32\ambakdrv.sys [30648 2015-02-26] (Aomei Technology Co., Limited -> ) [File not signed]
R2 ammntdrv; C:\windows\system32\ammntdrv.sys [151480 2015-02-26] (Aomei Technology Co., Limited -> ) [File not signed]
R3 AMPPAL; C:\windows\System32\DRIVERS\AMPPAL.sys [294912 2011-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\windows\System32\DRIVERS\amppal.sys [294912 2011-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R2 amwrtdrv; C:\windows\system32\amwrtdrv.sys [17848 2015-02-26] (Aomei Technology Co., Limited -> ) [File not signed]
R3 btmaux; C:\windows\System32\DRIVERS\btmaux.sys [51712 2011-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 btmhsf; C:\windows\System32\DRIVERS\btmhsf.sys [274944 2011-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R1 cmderd; C:\windows\System32\DRIVERS\cmderd.sys [16528 2011-10-07] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\windows\System32\DRIVERS\cmdguard.sys [574216 2011-10-07] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdHlp; C:\windows\System32\DRIVERS\cmdhlp.sys [43248 2011-10-07] (Comodo Security Solutions, Inc. -> COMODO)
R0 EUBAKUP; C:\windows\System32\drivers\eubakup.sys [60968 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 EUBKMON; C:\windows\System32\drivers\EUBKMON.sys [48168 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
R1 EUDSKACS; C:\windows\system32\drivers\eudskacs.sys [18472 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R1 EUFDDISK; C:\windows\system32\drivers\EuFdDisk.sys [192552 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R3 iBtFltCoex; C:\windows\System32\DRIVERS\iBtFltCoex.sys [59904 2011-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 igfx; C:\windows\System32\DRIVERS\igdkmd64.sys [12256512 2010-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R1 inspect; C:\windows\System32\DRIVERS\inspect.sys [93200 2011-10-07] (Comodo Security Solutions, Inc. -> COMODO)
R3 IntcDAud; C:\windows\System32\DRIVERS\IntcDAud.sys [317440 2010-10-14] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
R3 NETwNs64; C:\windows\System32\DRIVERS\NETwNs64.sys [8593920 2011-05-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-10-26] (Realtek Semiconductor Corp -> Windows (R) 2003 DDK 3790 provider)
R1 SABI; C:\windows\system32\Drivers\SABI.sys [13824 2011-07-30] (Microsoft Windows Hardware Compatibility Publisher -> SAMSUNG ELECTRONICS)
R2 SGDrv; C:\windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Phoenix Technologies Ltd.)
R3 tap0901; C:\windows\System32\DRIVERS\tap0901.sys [31232 2011-12-15] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 clwvd; system32\DRIVERS\clwvd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-15 19:17 - 2019-05-15 19:18 - 000033791 _____ C:\Users\Zdenka\Desktop\FRST.txt
2019-05-15 19:16 - 2019-05-15 19:17 - 000000000 ____D C:\FRST
2019-05-15 19:15 - 2019-05-15 19:15 - 002434560 _____ (Farbar) C:\Users\Zdenka\Desktop\FRST64.exe
2019-05-14 20:56 - 2019-05-14 20:56 - 000217402 _____ C:\Users\Zdenka\Documents\cc_20190514_205617.reg
2019-05-14 20:55 - 2019-05-14 20:55 - 000351868 _____ C:\Users\Zdenka\Documents\cc_20190514_205527.reg
2019-05-14 20:55 - 2019-05-14 20:55 - 000231874 _____ C:\Users\Zdenka\Documents\cc_20190514_205553.reg
2019-05-14 20:49 - 2019-05-14 20:49 - 000000868 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-05-14 20:49 - 2019-05-14 20:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-05-14 20:49 - 2019-05-14 20:49 - 000000000 ____D C:\Program Files\CCleaner
2019-05-14 20:48 - 2019-05-14 20:48 - 021254208 _____ (Piriform Software Ltd) C:\Users\Zdenka\Desktop\ccsetup556.exe
2019-05-14 20:18 - 2019-05-14 20:58 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-05-12 17:13 - 2019-05-12 17:13 - 000001808 _____ C:\Users\Zdenka\Desktop\Parameter.dat
2019-05-12 08:52 - 2019-05-12 08:53 - 000000000 ____D C:\Users\Zdenka\Desktop\fotopast

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-15 19:12 - 2017-01-27 10:28 - 000000000 ____D C:\Users\Zdenka\AppData\Local\Spotify
2019-05-15 19:12 - 2017-01-27 10:27 - 000000000 ____D C:\Users\Zdenka\AppData\Roaming\Spotify
2019-05-15 19:12 - 2016-11-18 19:54 - 000000000 ____D C:\Users\Zdenka\AppData\LocalLow\Mozilla
2019-05-15 19:12 - 2009-07-14 07:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-05-14 21:40 - 2009-07-14 06:45 - 000028848 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-14 21:40 - 2009-07-14 06:45 - 000028848 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-14 21:37 - 2011-10-13 06:08 - 000672068 _____ C:\windows\system32\perfh005.dat
2019-05-14 21:37 - 2011-10-13 06:08 - 000142636 _____ C:\windows\system32\perfc005.dat
2019-05-14 21:37 - 2009-07-14 07:13 - 001592650 _____ C:\windows\system32\PerfStringBackup.INI
2019-05-14 21:37 - 2009-07-14 05:20 - 000000000 ____D C:\windows\inf
2019-05-14 21:18 - 2011-12-21 22:27 - 001474832 _____ C:\windows\system32\Drivers\sfi.dat
2019-05-14 20:58 - 2016-02-07 19:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-05-14 20:51 - 2012-01-25 03:35 - 000000000 ____D C:\Users\Zdenka\AppData\Local\CrashDumps
2019-05-14 20:47 - 2018-03-13 19:49 - 000004534 _____ C:\windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-05-14 20:47 - 2012-07-24 19:23 - 000004396 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2019-05-14 20:47 - 2012-07-24 18:46 - 000842296 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2019-05-14 20:47 - 2012-07-24 18:46 - 000175160 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-14 20:47 - 2011-10-13 01:55 - 000000000 ____D C:\windows\SysWOW64\Macromed
2019-05-14 20:20 - 2012-08-22 11:31 - 000002391 _____ C:\Users\Zdenka\Desktop\Google Chrome.lnk
2019-05-14 20:20 - 2012-08-22 11:30 - 000002428 _____ C:\Users\Zdenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-12 20:48 - 2011-10-13 01:46 - 000000000 ____D C:\Users\UpdatusUser

==================== Files in the root of some directories =======

2011-12-21 23:39 - 2015-12-27 15:39 - 000000600 _____ () C:\Users\Zdenka\AppData\Roaming\winscp.rnd
2012-02-22 23:26 - 2013-12-02 21:26 - 000001456 _____ () C:\Users\Zdenka\AppData\Local\Adobe Save for Web 12.0 Prefs
2012-02-22 21:03 - 2017-09-06 11:49 - 000045568 _____ () C:\Users\Zdenka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-23 01:55 - 2015-12-21 00:56 - 000000600 _____ () C:\Users\Zdenka\AppData\Local\PUTTY.RND
2013-03-01 17:55 - 2013-03-01 17:55 - 000000017 _____ () C:\Users\Zdenka\AppData\Local\resmon.resmoncfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-05-02 18:37
==================== End of FRST.txt ============================

And here is the ADDITION:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05.2019 01
Ran by Zdenka (15-05-2019 19:18:25)
Running from C:\Users\Zdenka\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-21 16:22:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2234519877-4043553204-3602242062-500 - Administrator - Disabled)
Guest (S-1-5-21-2234519877-4043553204-3602242062-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2234519877-4043553204-3602242062-1005 - Limited - Enabled)
UpdatusUser (S-1-5-21-2234519877-4043553204-3602242062-1000 - Limited - Enabled) => C:\Users\UpdatusUser
Zdenka (S-1-5-21-2234519877-4043553204-3602242062-1001 - Administrator - Enabled) => C:\Users\Zdenka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Disabled - Out of date) {7554F4C5-5EC0-2FC6-8192-8DF831DBED51}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Defense+ (Enabled - Up to date) {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
FW: COMODO Firewall (Enabled) {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (HKLM-x32\...\{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (HKLM-x32\...\{2720009D-9566-45A7-A370-0E6DAC313F3F}) (Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (HKLM-x32\...\{539A0CEA-17E4-4FE4-A5E8-EC5D40610A79}) (Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (HKLM-x32\...\{C877E454-FA36-409A-A00E-1240CEC61BBD}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ACDSee Pro 3 (HKLM-x32\...\{1B280FAF-AE10-4E31-A41A-DB3917D651DC}) (Version: 3.0.475 - ACD Systems International Inc.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe Creative Suite 5.5 Master Collection (HKLM-x32\...\{D57FC112-312E-4D70-860F-2DB8FB6858F0}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.192 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.192 - Adobe)
AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536C09F}_is1) (Version: - AOMEI Technology Co., Ltd.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.56 - Piriform)
COMODO Internet Security (HKLM\...\{4EAB2511-0135-48CA-A47B-CE1E6836793A}) (Version: 5.8.15089.2124 - COMODO Security Solutions Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
EaseUS Todo Backup Free 9.1 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 9.1 - CHENGDU YIWO Tech Development Co., Ltd)
Easy File Share (HKLM-x32\...\{95BB7324-77D3-4BF3-8CF6-29F0857AC175}) (Version: 1.1.1699 - Samsung Electronics Co., Ltd.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Easy Settings (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.1 - Samsung Electronics Co., Ltd.)
eMagicOne Store Manager for Magento PROFESSIONAL 2.12.2.871 (HKLM-x32\...\{6FF5BDE6-E0B8-41B0-9BFB-870331CB04A5}_is1) (Version: 2.12.2.871 - eMagicOne)
ETDWare PS/2-X64 10.0.7.2_WHQL (HKLM\...\Elantech) (Version: 10.0.7.2 - ELAN Microelectronic Corp.)
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
Google Chrome (HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\...\Google Chrome) (Version: 74.0.3729.157 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
Intel PROSet Wireless (HKLM-x32\...\ProInst) (Version: - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2266 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{A0E106D2-4815-4B7A-BAA7-7E21B530CFB4}) (Version: 1.1.0.0157 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{006B5C65-3938-4246-B182-994A7E415EDE}) (Version: 1.1.0.0537 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Rise Of Nations (HKLM-x32\...\RiseOfNations 1.0) (Version: - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 66.0.5 (x64 cs) (HKLM\...\Mozilla Firefox 66.0.5 (x64 cs)) (Version: 66.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.4 - Mozilla)
Mozilla Thunderbird 45.4.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 45.4.0 (x86 en-US)) (Version: 45.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NVIDIA Graphics Driver 268.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.83 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}) (Version: 3.41.9593 - Apache Software Foundation)
OpenVPN 2.2.2 (HKLM-x32\...\OpenVPN) (Version: 2.2.2 - )
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6413 - Realtek Semiconductor Corp.)
Rise of Nations Thrones and Patriots (HKLM-x32\...\RiseofNationsExpansion 1.0) (Version: - )
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00.04 - Samsung Electronics Co., Ltd.)
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.1.5 - Samsung)
SEO SpyGlass (HKLM-x32\...\seopowersuite) (Version: 6.22 - SEO PowerSuite)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Sony Ericsson Update Service (HKLM-x32\...\Update Service) (Version: 2.11.12.5 - Sony Ericsson Mobile Communications AB)
Spotify (HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\...\Spotify) (Version: 1.1.6.113.gb388fe17 - Spotify AB)
STORMWARE PDF Printer 10.1.0.1871 (HKLM\...\STORMWARE PDF Printer_is1) (Version: 10.1.0.1871 - STORMWARE)
STORMWARE POHODA CZ Lite (HKLM-x32\...\{1EA0E977-256E-48F3-8912-049BA378B133}) (Version: 11200.103 - STORMWARE)
STORMWARE POHODA Start CZ (HKLM-x32\...\{C7F86EE3-34D4-4195-82F2-2412218CF67E}) (Version: 10600.130 - STORMWARE)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.47.6 - Electronic Arts)
UltraVnc (HKLM-x32\...\Ultravnc2_is1) (Version: 1.1.9.0 - uvnc bvba)
VLC media player 1.0.5 (HKLM-x32\...\VLC media player) (Version: 1.0.5 - VideoLAN Team)
Winamp (HKLM-x32\...\Winamp) (Version: 5.623 - Nullsoft, Inc)
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinSCP 5.0.2 beta (HKLM-x32\...\winscp3_is1) (Version: 5.0.2 beta - Martin Prikryl)
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2234519877-4043553204-3602242062-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Zdenka\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2234519877-4043553204-3602242062-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\Zdenka\AppData\Local\Google\Chrome\Application\74.0.3729.157\notification_helper.exe (Google LLC -> Google Inc.)
CustomCLSID: HKU\S-1-5-21-2234519877-4043553204-3602242062-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Zdenka\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll (Google Inc -> Google LLC)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [BTMSentToExt] -> {0A7D34C2-E9DA-48A1-9E34-0CDFC2DE3B44} => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-03-30] (Intel Corporation - Mobile Wireless Group -> Intel Corporation)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2011-10-07] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2011-10-07] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed]
ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2010-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\system32\nvshext.dll [2011-06-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2011-10-07] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2011-10-13 01:52 - 2006-08-12 05:48 - 000049152 _____ () [File not signed] C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll
2011-10-13 01:52 - 2011-02-16 18:03 - 000203776 _____ () [File not signed] C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll
2011-10-13 02:03 - 2010-05-07 16:22 - 001636864 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
2011-05-02 04:40 - 2011-05-02 04:40 - 000034304 _____ () [File not signed] C:\windows\System32\ssm1mlm.dll
2012-11-20 11:37 - 2012-06-09 20:20 - 000196096 _____ (Alexander Roshal) [File not signed] C:\Program Files (x86)\WinRAR\rarext64.dll
2016-05-02 23:12 - 2015-02-26 00:00 - 002403504 _____ (Aomei Technology Co., Limited -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\QtCore4.dll
2011-10-13 01:44 - 2011-05-05 14:11 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2014-03-15 15:33 - 2013-10-04 09:42 - 000210944 _____ (Bullzip) [File not signed] C:\Program Files\Common Files\STORMWARE\PDF Printer\Ports\STORMWARE\bzpdf.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000118488 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Backup.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000282328 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\BrFat.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000102104 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\BrLog.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000962264 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\BrNtfs.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000102104 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\BrVol.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000282328 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Clone.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000290520 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Comn.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000069336 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Compress.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000061144 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Device.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000175832 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\DeviceMgr.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000241368 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\diskmgr.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000028376 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Encrypt.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000483032 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\EnumFolder.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000155352 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\FlBackup.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000122584 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\FuncLogic.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000253656 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\GptBcd.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000347864 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\ImgFile.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000077528 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Ldm.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000691928 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Sync.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000306904 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\UiLogic.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000029912 _____ (ChengDu AoMei Tech Co., Ltd -> AOMEI Tech Co., Ltd.) [File not signed] C:\Program Files (x86)\AOMEI Backupper\ABService.exe
2016-05-02 23:12 - 2015-09-15 17:56 - 001181400 _____ (ChengDu AoMei Tech Co., Ltd -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\AOMEI Backupper\LIBEAY32.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000275160 _____ (ChengDu AoMei Tech Co., Ltd -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\AOMEI Backupper\SSLEAY32.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000025128 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2016-04-21 23:00 - 2016-02-24 17:59 - 000131856 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2016-04-21 23:00 - 2016-02-24 17:59 - 000023824 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000020008 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000443944 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2016-04-21 23:00 - 2016-02-24 17:59 - 000042256 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000169512 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudInterface.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000077864 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2016-04-21 23:00 - 2016-02-24 17:59 - 000177424 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt.dll
2016-04-21 23:00 - 2016-02-24 17:59 - 000020752 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll
2016-04-21 23:00 - 2016-02-24 17:59 - 000191248 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCPipeCenter.dll
2016-04-21 23:00 - 2016-02-24 17:59 - 000027408 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmcTbProxy.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000080936 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000089640 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Common.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000017448 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000020520 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000138792 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000027176 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000353832 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceManager.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000030760 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000281128 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000193064 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000201768 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000148008 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000032296 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000769064 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000061992 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000076840 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000111656 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileStorage.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000050216 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000024616 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000072232 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000158248 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 001296424 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000077864 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000068136 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000059944 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000056360 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000207912 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000146984 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000064040 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000224808 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000501800 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\StorageMgr.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000043048 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000088616 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2016-04-21 23:00 - 2016-02-24 17:59 - 000058640 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBInfo.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000034856 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2016-04-21 23:00 - 2015-12-10 06:14 - 000249384 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
2016-04-21 23:00 - 2015-12-10 06:04 - 000139816 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000136232 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000060968 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2016-04-21 23:00 - 2015-12-10 06:16 - 000275496 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\TrayPopup\libcurl.dll
2016-04-21 23:00 - 2015-12-10 06:16 - 000223272 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\TrayPopup\traynet.dll
2016-04-21 23:00 - 2015-12-10 06:16 - 000253992 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe
2016-04-21 23:00 - 2015-12-10 06:16 - 000249896 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\TrayPopup\uexper.dll
2016-04-21 23:00 - 2015-12-10 06:16 - 000118328 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\TrayPopup\zlib1.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000898088 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> Free Software Foundation) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\iconv.dll
2016-04-21 23:00 - 2015-12-10 06:14 - 000036904 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
2016-04-21 23:00 - 2016-02-24 17:59 - 000539920 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmdManager.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000020008 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ControlPxe.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000689704 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EMail.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000044584 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuPipe.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000221224 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FlBackup.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000100904 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FlBackupSize.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000591400 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FlImgFile.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000044072 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FlSearchImg.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000159272 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Ftp.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000017448 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FTPTest.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000079400 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImageFileInfo.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000293928 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFileHlp.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000153128 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\MatchStr.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000026664 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Options.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000093224 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\PolicyManage.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000121896 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Thread.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000077864 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Transmit.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000042536 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\XmlWrapper.dll
2016-04-21 23:00 - 2015-12-10 06:05 - 000303656 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll
2011-03-22 18:41 - 2011-03-22 18:41 - 002785792 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Bluetooth\Resources\csy.dll
2011-10-13 01:44 - 2011-05-05 14:05 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2010-08-16 13:01 - 2010-08-16 13:01 - 000333312 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\BluetoothHS\BTHSSupplicant.dll
2011-04-21 10:04 - 2011-04-21 10:04 - 000116224 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\BluetoothHS\UsR3IoPort.dll
2011-12-21 23:38 - 2011-09-14 23:01 - 000200192 _____ (Martin Prikryl) [File not signed] C:\Program Files (x86)\WinSCP\DragExt64.dll
2012-02-21 21:10 - 2012-02-21 21:10 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll
2011-12-09 19:22 - 2011-12-09 19:22 - 000074752 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\winampa.exe
2016-04-21 23:00 - 2016-01-26 08:27 - 002454016 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\python27.dll
2011-10-13 01:52 - 2011-09-28 01:23 - 005458312 _____ (Samsung Electronics CO., LTD. -> Samsung Electronics) [File not signed] C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
2012-08-13 21:07 - 2012-08-02 10:08 - 000037376 _____ (Windows (R) Server 2003 DDK provider) [File not signed] C:\windows\system32\spool\PRTPROCS\x64\ssm1mpc.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:D282699C [103]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-02-12 16:23 - 000000826 _____ C:\windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\EaseUS\Todo Backup\bin
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Zdenka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6719708D-8A79-4116-8D0D-8EC720BDE700}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{13AD21C8-B186-4864-BE9D-2248301302FF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1C56C6D1-51B6-4BF5-A905-5C5FDF2C54B9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4A3CC8FD-E69E-4FEC-8300-32FBCB1E15C1}] => (Allow) LPort=2869
FirewallRules: [{5D22F7B8-C542-4172-943E-2C928DC27A72}] => (Allow) LPort=1900
FirewallRules: [{E8DABBD7-4B43-450A-8393-6DE0CBE8625C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3BBF14E6-9442-4929-B397-E730917B609D}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3DF112FC-DE12-40F7-B179-8F3D78FA5313}] => (Allow) C:\Program Files (x86)\uvnc bvba\UltraVNC\vncviewer.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{81422CE2-A672-4AEC-8ADE-F57E27A4E889}] => (Allow) C:\Program Files (x86)\uvnc bvba\UltraVNC\vncviewer.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{C7E88A91-8FED-4D64-B4A5-6A3D07A20023}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{61544033-FA5D-49FA-970B-F65344322309}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{920CCEC0-670F-4D9E-BBBB-DC02C82CA5AD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0E0AFC74-BF70-48BE-BD07-F3D81CB9275A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1F1F32E0-0F42-457D-B808-17A8F704D890}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1C15C7D5-0DAA-4093-B1BA-E7FFAB4E4BFC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3D37D5F1-BE05-4523-AEB6-4E6D996A09C4}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{85439DE8-95D4-427B-BA2F-43DA3802391A}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{0C67E8C9-4174-475F-B833-39DEC03E0373}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{A197DAEA-4F4C-4352-AA36-CB4CF4B3E289}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{4852D7E3-0CE0-4F3A-B273-4D70613D24FA}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
FirewallRules: [{47F059F9-E5DB-437B-B370-206FDC0ECCB0}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
FirewallRules: [{60305E50-7DB8-482E-AD90-59CF1EECD224}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
FirewallRules: [{6DF67ADC-9E9A-424E-83AB-E91CA56D4150}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
FirewallRules: [{4D2220FF-A7F6-41DD-9CDA-F4B1D49F99A9}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Service\Update Service.exe (Sony Ericsson Mobile Communications AB -> ) [File not signed]
FirewallRules: [{2DE59F46-57D3-4246-99A6-44FAF2E91FF6}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Service\Update Service.exe (Sony Ericsson Mobile Communications AB -> ) [File not signed]
FirewallRules: [{86AC7E85-24DC-4D8C-A5A5-C1889FFAE0E9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2DDDED67-0AA0-4997-802B-73AD66155951}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{661B47EE-C3BB-4F3A-9E59-C3449CAE7E0D}] => (Allow) C:\Users\Zdenka\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

06-04-2019 13:52:29 Windows Update
14-04-2019 12:59:08 Naplánovaný kontrolní bod
02-05-2019 18:35:27 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/15/2019 07:14:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/14/2019 09:34:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/14/2019 09:00:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/14/2019 08:58:27 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/14/2019 08:58:27 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/14/2019 08:58:27 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/14/2019 08:58:27 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)

Error: (05/14/2019 08:58:27 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (05/15/2019 07:12:19 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (19:09:20, ‎15.‎5.‎2019) bylo neočekávané.

Error: (05/14/2019 09:32:19 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (21:22:05, ‎14.‎5.‎2019) bylo neočekávané.

Error: (05/14/2019 08:58:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (05/14/2019 08:58:27 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-1073473535, specifickou pro službu.

Error: (05/14/2019 08:46:57 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Neočekávaná chyba. Kód chyby: D@01010004

Error: (05/14/2019 08:46:35 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (20:43:25, ‎14.‎5.‎2019) bylo neočekávané.

Error: (05/12/2019 09:11:40 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (21:09:15, ‎12.‎5.‎2019) bylo neočekávané.

Error: (05/12/2019 08:46:12 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (20:41:42, ‎12.‎5.‎2019) bylo neočekávané.


Windows Defender:
===================================
Date: 2017-11-21 10:29:49.154
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{727CA5A6-04C5-4381-9EB0-EA533707D99D}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\SYSTEM

Date: 2018-07-12 18:03:36.847
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.271.751.0
Předchozí verze podpisu:1.269.1075.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2018-07-12 18:03:36.847
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: Phoenix Technologies Ltd. 01QA 09/05/2011
Motherboard: SAMSUNG ELECTRONICS CO., LTD. 300E4A/300E5A/300E7A
Processor: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz
Percentage of memory in use: 91%
Total physical RAM: 4009.55 MB
Available physical RAM: 321.51 MB
Total Virtual: 8017.3 MB
Available Virtual: 3637.28 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:230 GB) (Free:18.51 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:159.06 GB) (Free:37.09 GB) NTFS

\\?\Volume{323111f4-f5b1-11e0-a099-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{86635d02-0860-11e6-84da-dca97166f1f6}\ () (Fixed) (Total:0 GB) (Free:0 GB)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 447.1 GB) (Disk ID: 58246865)
Partition 1: (Active) - (Size=99 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=230 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=58 GB) - (Type=27)
Partition 4: (Not Active) - (Size=159.1 GB) - (Type=0F Extended)

==================== End of Addition.txt ============================


Post subject: Re: Slow laptop + overheating
Posted: 15 May 2019 18:58
Site Admin

Joined: 30 Oct 2003 13:42
Posts: 110009
Location: Plzeň
Hello!
Run this utility:

Quote:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree (Souhlasim)
right-click the AdwCleaner icon and choose Run as administrator (Spustit jako spravce); on Win XP just launch it with a double-click
click Scan now (Skenovat nyni), then Clean and Repair (Cisteni a opravy)
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

_________________
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.


Post subject: Re: Slow laptop + overheating
Posted: 15 May 2019 19:24
Visitor

Joined: 25 Nov 2007 08:52
Posts: 41
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-15-2019
# Duration: 00:00:01
# OS: Windows 7 Home Premium
# Cleaned: 8
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\apn
Deleted C:\Users\Zdenka\AppData\LocalLow\AskToolbar
Deleted C:\Users\Zdenka\AppData\Roaming\OpenCandy

***** [ Files ] *****

Deleted C:\Windows\Temp\FastBrowsing2.exe

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
Deleted HKU\S-1-5-21-2234519877-4043553204-3602242062-1000\Software\Conduit
Deleted HKU\S-1-5-21-2234519877-4043553204-3602242062-1000\Software\Winamp Toolbar

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1910 octets] - [15/05/2019 20:21:20]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########


Post subject: Re: Slow laptop + overheating
Posted: 15 May 2019 19:56
Site Admin

Joined: 30 Oct 2003 13:42
Posts: 110009
Location: Plzeň
Post new FRST+Addition logs.

Post subject: Re: Slow laptop + overheating
Posted: 15 May 2019 20:09
Visitor

Joined: 25 Nov 2007 08:52
Posts: 41
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-05.2019 01
Ran by Zdenka (administrator) on SAMSUNG_NB (SAMSUNG ELECTRONICS CO., LTD. 300E4A/300E5A/300E7A) (15-05-2019 21:06:06)
Running from C:\Users\Zdenka\Desktop
Loaded Profiles: UpdatusUser & Zdenka (Available Profiles: UpdatusUser & Zdenka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ACD Systems International Inc -> ACD Systems International Inc.) C:\Program Files (x86)\Common Files\ACD Systems\EN\DevDetect.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ChengDu AoMei Tech Co., Ltd -> AOMEI Tech Co., Ltd.) [File not signed] C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Intel Corporation - Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Intel Corporation - Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation - Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation - Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation - Mobile Wireless Group -> Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\winampa.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics) [File not signed] C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
(Samsung Electronics CO., LTD. -> SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12558440 2011-07-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10372368 2011-03-30] (Intel Corporation - Mobile Wireless Group -> Intel Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2721576 2011-06-17] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [9263944 2011-10-07] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [EaseUS TB Tray Agent] => C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe [253992 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\...\Run: [Device Detector] => DevDetect.exe -autorun
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\...\Run: [Google Update] => C:\Users\Zdenka\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateCore.exe [410920 2019-05-15] (Google Inc -> Google LLC)
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\...\Run: [Spotify] => C:\Users\Zdenka\AppData\Roaming\Spotify\Spotify.exe [25817832 2019-05-12] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22515488 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\...\MountPoints2: {8420665a-0e6d-11e5-8b74-dca97166f1f6} - G:\Startme.exe
HKLM\...\Drivers32: [VIDC.ACDV] => ACDV.dll
HKLM\...\Drivers32-x32: [VIDC.ACDV] => ACDV.dll
HKLM\...\Drivers32: [vidc.VP60] => C:\windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [226920 2011-06-05] (NVIDIA Corporation -> NVIDIA Corporation)
AppInit_DLLs: C:\windows\system32\guard64.dll => C:\windows\system32\guard64.dll [388280 2011-10-07] (Comodo Security Solutions, Inc. -> COMODO)
AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [193128 2011-06-05] (NVIDIA Corporation -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\windows\SysWOW64\guard32.dll => C:\windows\SysWOW64\guard32.dll [300200 2011-10-07] (Comodo Security Solutions, Inc. -> COMODO)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0198F9E9-3AE7-47E3-AE8B-4702DA3721B2} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {0198F9E9-3AE7-47E3-AE8B-4702DA3721B2} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\windows\system32\GWX\GWXDetector.exe [354816 [354816 2015-12-08]] (Microsoft Windows -> Microsoft Corporation)
Task: {04C3A23B-B6DE-4ED1-9204-1BB952FDEEC1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {04C3A23B-B6DE-4ED1-9204-1BB952FDEEC1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {04C3A23B-B6DE-4ED1-9204-1BB952FDEEC1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\windows\system32\GWX\GWXDetector.exe [354816 [354816 2015-12-08]] (Microsoft Windows -> Microsoft Corporation)
Task: {0780B7D1-2474-4A69-B531-EE50935F2A97} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_Plugin.exe [1457208 2019-05-14] (Adobe Inc. -> Adobe)
Task: {0B178AAC-79FD-48E4-AA6D-632C4EA3537E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2234519877-4043553204-3602242062-1001UA => C:\Users\Zdenka\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {0E49BBCF-A203-4CC5-8EC5-C026FB9BE446} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {0E49BBCF-A203-4CC5-8EC5-C026FB9BE446} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\windows\system32\GWX\GWXDetector.exe [354816 [354816 2015-12-08]] (Microsoft Windows -> Microsoft Corporation)
Task: {216EA3A1-C64E-4979-A369-B088EE343DC8} - System32\Tasks\{DB30F249-C942-418B-85EB-34C6C2746EED} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.7.0.102/cs/a ... age=tsMain
Task: {23A5B4D0-475A-4B4A-991B-C8D9009C7E2F} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [4403280 2011-06-24] (Samsung Electronics CO., LTD. -> SEC)
Task: {23CBE672-B110-4FCE-9CEF-8FC674BEC1FF} - System32\Tasks\{FD31B3C0-D273-41C5-83EF-E26E5600AD49} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.5.0.158/cs/a ... rogressBar
Task: {3B6A32A0-80A2-4649-BAEF-5FDE7880E91B} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe
Task: {6744045E-8C3D-4580-AC7A-A82C89648BAB} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [1087056 2011-09-06] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {67E6BBEB-0108-4804-9403-0A1EFAE0346A} - System32\Tasks\{D7AB1216-39FB-4085-9661-7BD76CDDC5BA} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?sou ... tError=404
Task: {6AD1D9ED-3771-41E8-A3E1-79F4348C0BA9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {7EB7E02C-70CB-4DE3-B89A-FFDC8DBFBE9C} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe
Task: {8950C707-30A8-4E0A-933F-0AD31826DD1B} - System32\Tasks\{2EBD2048-0AA7-43B6-AFDF-19128B889465} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?sou ... tError=404
Task: {8DF1F60F-ED33-4487-8E0E-1AAB87C2C8CE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {8DF1F60F-ED33-4487-8E0E-1AAB87C2C8CE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\windows\system32\GWX\GWXDetector.exe [354816 [354816 2015-12-08]] (Microsoft Windows -> Microsoft Corporation)
Task: {8E3AF7CE-8197-4BC2-904B-D4F2784C6AAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {8FCAF242-1508-48A3-B718-B03AD4F6409E} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-14] (Adobe Inc. -> Adobe)
Task: {A08AFE32-024C-4AFE-BAF7-18D4D8CBFD88} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe [2275408 2011-09-06] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {A1420425-8CD8-4AE5-BA0E-7D7ED139A3F4} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe [5458312 2011-09-28] (Samsung Electronics CO., LTD. -> Samsung Electronics) [File not signed]
Task: {BFED0563-7535-46BF-AD2D-2C6FD68264FC} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [784976 2011-08-19] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {C1AB83A7-4510-4422-B69A-33A7C6ED2514} - System32\Tasks\{8CB90008-39CD-43F8-96D2-5F6FD6CBED19} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.5.0.158/cs/a ... rogressBar
Task: {D5EF58E2-2CE6-4F63-8623-0DE46CB8BECC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {D78AC45F-D16D-4D68-980D-FD68CE959E56} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2234519877-4043553204-3602242062-1001Core => C:\Users\Zdenka\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {E4CECE60-6EC5-4082-9F92-C372214588CE} - System32\Tasks\{F70370A2-7667-49BC-ABA1-221F46DD93E3} => C:\windows\system32\pcalua.exe -a "D:\Windows Commander\WinCmd32.exe" -d "D:\Windows Commander"
Task: {EA27D2DC-D4C3-415D-9ABE-E3DE3778AB87} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [3468880 2011-08-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {FC8BF032-614F-4955-8988-67F2FBCF512B} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [369232 2011-08-19] (Samsung Electronics CO., LTD. -> SAMSUNG Electronics co., LTD.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2449EEFA-C9C4-451D-92C2-FF60079CA430}: [DhcpNameServer] 193.138.228.127 91.148.254.5
Tcpip\..\Interfaces\{8450E59B-A367-43AA-A007-18BA68670106}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B236B5F9-65E2-493C-BC77-966EC4867725}: [DhcpNameServer] 77.48.254.254 77.48.100.254 192.168.200.1

Internet Explorer:
==================
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2234519877-4043553204-3602242062-1001 -> {E7E90CB1-DD56-4B63-879E-E11B4BCB3331} URL = hxxp://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=T8&apn_dtid=YYYYYYYYCZ&apn_uid=19c59da4-8b42-445c-8745-458debe2c04c&apn_sauid=7E3B8E43-B90A-4161-AF43-2A0217432244
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-06] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-05-15] (Google Inc -> Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll [2011-03-19] (Adobe Systems Incorporated -> Adobe Systems, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-05-15] (Google Inc -> Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-06] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-05-15] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll [2011-03-19] (Adobe Systems Incorporated -> Adobe Systems, Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-05-15] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-2234519877-4043553204-3602242062-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-05-15] (Google Inc -> Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Software Sarl -> Skype Technologies)

FireFox:
========
FF DefaultProfile: kh9vblfa.zdenicka-1516003762457
FF ProfilePath: C:\Users\Zdenka\AppData\Roaming\Mozilla\Firefox\Profiles\uyv7zs62.default-1419764199860 [2019-05-14]
FF ProfilePath: C:\Users\Zdenka\AppData\Roaming\Mozilla\Firefox\Profiles\kh9vblfa.zdenicka-1516003762457 [2019-05-15]
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\Zdenka\AppData\Roaming\Mozilla\Firefox\Profiles\kh9vblfa.zdenicka-1516003762457\Extensions\hotfix-update-xpi-intermediate@mozilla.com.xpi [2019-05-15]
FF Extension: (Viewer Plus) - C:\Users\Zdenka\AppData\Roaming\Mozilla\Firefox\Profiles\kh9vblfa.zdenicka-1516003762457\Extensions\{880cacfe-5793-4346-89ce-fbbd368d394c}.xpi [2019-04-07]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: (Adobe Contribute Toolbar) - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2012-02-22] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_192.dll [2019-05-14] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_192.dll [2019-05-14] (Adobe Inc. -> )
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] (Apple Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc -> Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2234519877-4043553204-3602242062-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Zdenka\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-2234519877-4043553204-3602242062-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Zdenka\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Zdenka\AppData\Local\Google\Chrome\User Data\Default [2019-05-15]
CHR Extension: (Adobe Acrobat) - C:\Users\Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-05-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\Zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-12]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.WZGQLCYF5OSO67DAKZ4YCIM3DM - C:\Users\Zdenka\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc. -> Apple Inc.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [29912 2015-09-15] (ChengDu AoMei Tech Co., Ltd -> AOMEI Tech Co., Ltd.) [File not signed]
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2663568 2011-10-07] (Comodo Security Solutions, Inc. -> COMODO)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36904 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ambakdrv; C:\windows\System32\ambakdrv.sys [30648 2015-02-26] (Aomei Technology Co., Limited -> ) [File not signed]
R2 ammntdrv; C:\windows\system32\ammntdrv.sys [151480 2015-02-26] (Aomei Technology Co., Limited -> ) [File not signed]
R3 AMPPAL; C:\windows\System32\DRIVERS\AMPPAL.sys [294912 2011-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\windows\System32\DRIVERS\amppal.sys [294912 2011-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R2 amwrtdrv; C:\windows\system32\amwrtdrv.sys [17848 2015-02-26] (Aomei Technology Co., Limited -> ) [File not signed]
R3 btmaux; C:\windows\System32\DRIVERS\btmaux.sys [51712 2011-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 btmhsf; C:\windows\System32\DRIVERS\btmhsf.sys [274944 2011-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R1 cmderd; C:\windows\System32\DRIVERS\cmderd.sys [16528 2011-10-07] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\windows\System32\DRIVERS\cmdguard.sys [574216 2011-10-07] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdHlp; C:\windows\System32\DRIVERS\cmdhlp.sys [43248 2011-10-07] (Comodo Security Solutions, Inc. -> COMODO)
R0 EUBAKUP; C:\windows\System32\drivers\eubakup.sys [60968 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 EUBKMON; C:\windows\System32\drivers\EUBKMON.sys [48168 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
R1 EUDSKACS; C:\windows\system32\drivers\eudskacs.sys [18472 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R1 EUFDDISK; C:\windows\system32\drivers\EuFdDisk.sys [192552 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R3 iBtFltCoex; C:\windows\System32\DRIVERS\iBtFltCoex.sys [59904 2011-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 igfx; C:\windows\System32\DRIVERS\igdkmd64.sys [12256512 2010-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R1 inspect; C:\windows\System32\DRIVERS\inspect.sys [93200 2011-10-07] (Comodo Security Solutions, Inc. -> COMODO)
R3 IntcDAud; C:\windows\System32\DRIVERS\IntcDAud.sys [317440 2010-10-14] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
R3 NETwNs64; C:\windows\System32\DRIVERS\NETwNs64.sys [8593920 2011-05-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-10-26] (Realtek Semiconductor Corp -> Windows (R) 2003 DDK 3790 provider)
R1 SABI; C:\windows\system32\Drivers\SABI.sys [13824 2011-07-30] (Microsoft Windows Hardware Compatibility Publisher -> SAMSUNG ELECTRONICS)
R2 SGDrv; C:\windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Phoenix Technologies Ltd.)
R3 tap0901; C:\windows\System32\DRIVERS\tap0901.sys [31232 2011-12-15] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 clwvd; system32\DRIVERS\clwvd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-15 21:06 - 2019-05-15 21:06 - 000033062 _____ C:\Users\Zdenka\Desktop\FRST.txt
2019-05-15 20:20 - 2019-05-15 20:21 - 000000000 ____D C:\AdwCleaner
2019-05-15 20:19 - 2019-05-15 20:19 - 007025360 _____ (Malwarebytes) C:\Users\Zdenka\Desktop\adwcleaner_7.3.exe
2019-05-15 19:16 - 2019-05-15 21:06 - 000000000 ____D C:\FRST
2019-05-15 19:15 - 2019-05-15 19:15 - 002434560 _____ (Farbar) C:\Users\Zdenka\Desktop\FRST64.exe
2019-05-14 20:56 - 2019-05-14 20:56 - 000217402 _____ C:\Users\Zdenka\Documents\cc_20190514_205617.reg
2019-05-14 20:55 - 2019-05-14 20:55 - 000351868 _____ C:\Users\Zdenka\Documents\cc_20190514_205527.reg
2019-05-14 20:55 - 2019-05-14 20:55 - 000231874 _____ C:\Users\Zdenka\Documents\cc_20190514_205553.reg
2019-05-14 20:49 - 2019-05-14 20:49 - 000000868 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-05-14 20:49 - 2019-05-14 20:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-05-14 20:49 - 2019-05-14 20:49 - 000000000 ____D C:\Program Files\CCleaner
2019-05-14 20:48 - 2019-05-14 20:48 - 021254208 _____ (Piriform Software Ltd) C:\Users\Zdenka\Desktop\ccsetup556.exe
2019-05-14 20:18 - 2019-05-14 20:58 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-05-12 17:13 - 2019-05-12 17:13 - 000001808 _____ C:\Users\Zdenka\Desktop\Parameter.dat
2019-05-12 08:52 - 2019-05-12 08:53 - 000000000 ____D C:\Users\Zdenka\Desktop\fotopast

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-15 20:42 - 2017-11-24 13:13 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-15 20:30 - 2009-07-14 06:45 - 000028848 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-15 20:30 - 2009-07-14 06:45 - 000028848 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-15 20:28 - 2011-10-13 06:08 - 000672068 _____ C:\windows\system32\perfh005.dat
2019-05-15 20:28 - 2011-10-13 06:08 - 000142636 _____ C:\windows\system32\perfc005.dat
2019-05-15 20:28 - 2009-07-14 07:13 - 001592650 _____ C:\windows\system32\PerfStringBackup.INI
2019-05-15 20:28 - 2009-07-14 05:20 - 000000000 ____D C:\windows\inf
2019-05-15 20:22 - 2017-01-27 10:28 - 000000000 ____D C:\Users\Zdenka\AppData\Local\Spotify
2019-05-15 20:22 - 2017-01-27 10:27 - 000000000 ____D C:\Users\Zdenka\AppData\Roaming\Spotify
2019-05-15 20:22 - 2016-11-18 19:54 - 000000000 ____D C:\Users\Zdenka\AppData\LocalLow\Mozilla
2019-05-15 20:22 - 2009-07-14 07:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-05-15 19:32 - 2011-12-21 22:27 - 001474832 _____ C:\windows\system32\Drivers\sfi.dat
2019-05-15 19:25 - 2012-08-22 11:29 - 000003566 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2234519877-4043553204-3602242062-1001UA
2019-05-15 19:25 - 2012-08-22 11:29 - 000003294 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2234519877-4043553204-3602242062-1001Core
2019-05-14 20:58 - 2016-02-07 19:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-05-14 20:51 - 2012-01-25 03:35 - 000000000 ____D C:\Users\Zdenka\AppData\Local\CrashDumps
2019-05-14 20:47 - 2018-03-13 19:49 - 000004534 _____ C:\windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-05-14 20:47 - 2012-07-24 19:23 - 000004396 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2019-05-14 20:47 - 2012-07-24 18:46 - 000842296 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2019-05-14 20:47 - 2012-07-24 18:46 - 000175160 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-14 20:47 - 2011-10-13 01:55 - 000000000 ____D C:\windows\SysWOW64\Macromed
2019-05-14 20:20 - 2012-08-22 11:31 - 000002391 _____ C:\Users\Zdenka\Desktop\Google Chrome.lnk
2019-05-14 20:20 - 2012-08-22 11:30 - 000002428 _____ C:\Users\Zdenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-12 20:48 - 2011-10-13 01:46 - 000000000 ____D C:\Users\UpdatusUser

==================== Files in the root of some directories =======

2011-12-21 23:39 - 2015-12-27 15:39 - 000000600 _____ () C:\Users\Zdenka\AppData\Roaming\winscp.rnd
2012-02-22 23:26 - 2013-12-02 21:26 - 000001456 _____ () C:\Users\Zdenka\AppData\Local\Adobe Save for Web 12.0 Prefs
2012-02-22 21:03 - 2017-09-06 11:49 - 000045568 _____ () C:\Users\Zdenka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-23 01:55 - 2015-12-21 00:56 - 000000600 _____ () C:\Users\Zdenka\AppData\Local\PUTTY.RND
2013-03-01 17:55 - 2013-03-01 17:55 - 000000017 _____ () C:\Users\Zdenka\AppData\Local\resmon.resmoncfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-05-02 18:37
==================== End of FRST.txt ============================


and ADDITION:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05.2019 01
Ran by Zdenka (15-05-2019 21:07:10)
Running from C:\Users\Zdenka\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-21 16:22:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2234519877-4043553204-3602242062-500 - Administrator - Disabled)
Guest (S-1-5-21-2234519877-4043553204-3602242062-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2234519877-4043553204-3602242062-1005 - Limited - Enabled)
UpdatusUser (S-1-5-21-2234519877-4043553204-3602242062-1000 - Limited - Enabled) => C:\Users\UpdatusUser
Zdenka (S-1-5-21-2234519877-4043553204-3602242062-1001 - Administrator - Enabled) => C:\Users\Zdenka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Disabled - Out of date) {7554F4C5-5EC0-2FC6-8192-8DF831DBED51}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Defense+ (Enabled - Up to date) {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
FW: COMODO Firewall (Enabled) {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (HKLM-x32\...\{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (HKLM-x32\...\{2720009D-9566-45A7-A370-0E6DAC313F3F}) (Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (HKLM-x32\...\{539A0CEA-17E4-4FE4-A5E8-EC5D40610A79}) (Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (HKLM-x32\...\{C877E454-FA36-409A-A00E-1240CEC61BBD}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ACDSee Pro 3 (HKLM-x32\...\{1B280FAF-AE10-4E31-A41A-DB3917D651DC}) (Version: 3.0.475 - ACD Systems International Inc.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe Creative Suite 5.5 Master Collection (HKLM-x32\...\{D57FC112-312E-4D70-860F-2DB8FB6858F0}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.192 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.192 - Adobe)
AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536C09F}_is1) (Version: - AOMEI Technology Co., Ltd.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.56 - Piriform)
COMODO Internet Security (HKLM\...\{4EAB2511-0135-48CA-A47B-CE1E6836793A}) (Version: 5.8.15089.2124 - COMODO Security Solutions Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
EaseUS Todo Backup Free 9.1 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 9.1 - CHENGDU YIWO Tech Development Co., Ltd)
Easy File Share (HKLM-x32\...\{95BB7324-77D3-4BF3-8CF6-29F0857AC175}) (Version: 1.1.1699 - Samsung Electronics Co., Ltd.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Easy Settings (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.1 - Samsung Electronics Co., Ltd.)
eMagicOne Store Manager for Magento PROFESSIONAL 2.12.2.871 (HKLM-x32\...\{6FF5BDE6-E0B8-41B0-9BFB-870331CB04A5}_is1) (Version: 2.12.2.871 - eMagicOne)
ETDWare PS/2-X64 10.0.7.2_WHQL (HKLM\...\Elantech) (Version: 10.0.7.2 - ELAN Microelectronic Corp.)
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
Google Chrome (HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\...\Google Chrome) (Version: 74.0.3729.157 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
Intel PROSet Wireless (HKLM-x32\...\ProInst) (Version: - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2266 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{A0E106D2-4815-4B7A-BAA7-7E21B530CFB4}) (Version: 1.1.0.0157 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{006B5C65-3938-4246-B182-994A7E415EDE}) (Version: 1.1.0.0537 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Rise Of Nations (HKLM-x32\...\RiseOfNations 1.0) (Version: - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 66.0.5 (x64 cs) (HKLM\...\Mozilla Firefox 66.0.5 (x64 cs)) (Version: 66.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.4 - Mozilla)
Mozilla Thunderbird 45.4.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 45.4.0 (x86 en-US)) (Version: 45.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NVIDIA Graphics Driver 268.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.83 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}) (Version: 3.41.9593 - Apache Software Foundation)
OpenVPN 2.2.2 (HKLM-x32\...\OpenVPN) (Version: 2.2.2 - )
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6413 - Realtek Semiconductor Corp.)
Rise of Nations Thrones and Patriots (HKLM-x32\...\RiseofNationsExpansion 1.0) (Version: - )
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00.04 - Samsung Electronics Co., Ltd.)
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.1.5 - Samsung)
SEO SpyGlass (HKLM-x32\...\seopowersuite) (Version: 6.22 - SEO PowerSuite)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Sony Ericsson Update Service (HKLM-x32\...\Update Service) (Version: 2.11.12.5 - Sony Ericsson Mobile Communications AB)
Spotify (HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\...\Spotify) (Version: 1.1.6.113.gb388fe17 - Spotify AB)
STORMWARE PDF Printer 10.1.0.1871 (HKLM\...\STORMWARE PDF Printer_is1) (Version: 10.1.0.1871 - STORMWARE)
STORMWARE POHODA CZ Lite (HKLM-x32\...\{1EA0E977-256E-48F3-8912-049BA378B133}) (Version: 11200.103 - STORMWARE)
STORMWARE POHODA Start CZ (HKLM-x32\...\{C7F86EE3-34D4-4195-82F2-2412218CF67E}) (Version: 10600.130 - STORMWARE)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.47.6 - Electronic Arts)
UltraVnc (HKLM-x32\...\Ultravnc2_is1) (Version: 1.1.9.0 - uvnc bvba)
VLC media player 1.0.5 (HKLM-x32\...\VLC media player) (Version: 1.0.5 - VideoLAN Team)
Winamp (HKLM-x32\...\Winamp) (Version: 5.623 - Nullsoft, Inc)
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinSCP 5.0.2 beta (HKLM-x32\...\winscp3_is1) (Version: 5.0.2 beta - Martin Prikryl)
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2234519877-4043553204-3602242062-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Zdenka\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2234519877-4043553204-3602242062-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Zdenka\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2234519877-4043553204-3602242062-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\Zdenka\AppData\Local\Google\Chrome\Application\74.0.3729.157\notification_helper.exe (Google LLC -> Google Inc.)
CustomCLSID: HKU\S-1-5-21-2234519877-4043553204-3602242062-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Zdenka\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [BTMSentToExt] -> {0A7D34C2-E9DA-48A1-9E34-0CDFC2DE3B44} => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-03-30] (Intel Corporation - Mobile Wireless Group -> Intel Corporation)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2011-10-07] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2011-10-07] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed]
ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2010-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\system32\nvshext.dll [2011-06-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2011-10-07] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2011-10-13 01:52 - 2006-08-12 05:48 - 000049152 _____ () [File not signed] C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll
2011-10-13 01:52 - 2011-02-16 18:03 - 000203776 _____ () [File not signed] C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll
2011-10-13 02:03 - 2010-05-07 16:22 - 001636864 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
2011-05-02 04:40 - 2011-05-02 04:40 - 000034304 _____ () [File not signed] C:\windows\System32\ssm1mlm.dll
2012-11-20 11:37 - 2012-06-09 20:20 - 000196096 _____ (Alexander Roshal) [File not signed] C:\Program Files (x86)\WinRAR\rarext64.dll
2016-05-02 23:12 - 2015-02-26 00:00 - 002403504 _____ (Aomei Technology Co., Limited -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\QtCore4.dll
2011-10-13 01:44 - 2011-05-05 14:11 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2014-03-15 15:33 - 2013-10-04 09:42 - 000210944 _____ (Bullzip) [File not signed] C:\Program Files\Common Files\STORMWARE\PDF Printer\Ports\STORMWARE\bzpdf.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000118488 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Backup.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000282328 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\BrFat.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000102104 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\BrLog.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000962264 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\BrNtfs.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000102104 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\BrVol.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000282328 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Clone.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000290520 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Comn.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000069336 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Compress.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000061144 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Device.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000175832 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\DeviceMgr.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000241368 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\diskmgr.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000028376 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Encrypt.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000483032 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\EnumFolder.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000155352 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\FlBackup.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000122584 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\FuncLogic.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000253656 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\GptBcd.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000347864 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\ImgFile.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000077528 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Ldm.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000691928 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Sync.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000306904 _____ (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\UiLogic.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000029912 _____ (ChengDu AoMei Tech Co., Ltd -> AOMEI Tech Co., Ltd.) [File not signed] C:\Program Files (x86)\AOMEI Backupper\ABService.exe
2016-05-02 23:12 - 2015-09-15 17:56 - 001181400 _____ (ChengDu AoMei Tech Co., Ltd -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\AOMEI Backupper\LIBEAY32.dll
2016-05-02 23:12 - 2015-09-15 17:56 - 000275160 _____ (ChengDu AoMei Tech Co., Ltd -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\AOMEI Backupper\SSLEAY32.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000025128 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2016-04-21 23:00 - 2016-02-24 17:59 - 000131856 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2016-04-21 23:00 - 2016-02-24 17:59 - 000023824 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000020008 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000443944 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2016-04-21 23:00 - 2016-02-24 17:59 - 000042256 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000169512 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudInterface.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000077864 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2016-04-21 23:00 - 2016-02-24 17:59 - 000177424 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt.dll
2016-04-21 23:00 - 2016-02-24 17:59 - 000020752 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll
2016-04-21 23:00 - 2016-02-24 17:59 - 000191248 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCPipeCenter.dll
2016-04-21 23:00 - 2016-02-24 17:59 - 000027408 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmcTbProxy.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000080936 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000089640 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Common.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000017448 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000020520 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000138792 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000027176 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000353832 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceManager.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000030760 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000281128 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000193064 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000201768 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000148008 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000032296 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000769064 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000061992 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000076840 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000111656 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileStorage.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000050216 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000024616 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000072232 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000158248 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 001296424 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000077864 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000068136 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000059944 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000056360 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000207912 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000146984 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000064040 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000224808 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000501800 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\StorageMgr.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000043048 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000088616 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2016-04-21 23:00 - 2016-02-24 17:59 - 000058640 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBInfo.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000034856 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2016-04-21 23:00 - 2015-12-10 06:14 - 000249384 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
2016-04-21 23:00 - 2015-12-10 06:04 - 000139816 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000136232 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000060968 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2016-04-21 23:00 - 2015-12-10 06:16 - 000275496 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\TrayPopup\libcurl.dll
2016-04-21 23:00 - 2015-12-10 06:16 - 000223272 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\TrayPopup\traynet.dll
2016-04-21 23:00 - 2015-12-10 06:16 - 000253992 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe
2016-04-21 23:00 - 2015-12-10 06:16 - 000249896 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\TrayPopup\uexper.dll
2016-04-21 23:00 - 2015-12-10 06:16 - 000118328 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\TrayPopup\zlib1.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000898088 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> Free Software Foundation) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\iconv.dll
2016-04-21 23:00 - 2015-12-10 06:14 - 000036904 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
2016-04-21 23:00 - 2016-02-24 17:59 - 000539920 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmdManager.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000020008 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ControlPxe.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000689704 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EMail.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000044584 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuPipe.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000221224 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FlBackup.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000100904 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FlBackupSize.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000591400 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FlImgFile.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000044072 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FlSearchImg.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000159272 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Ftp.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000017448 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\FTPTest.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000079400 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImageFileInfo.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000293928 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFileHlp.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000153128 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\MatchStr.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000026664 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Options.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000093224 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\PolicyManage.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000121896 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Thread.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000077864 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Transmit.dll
2016-04-21 23:00 - 2015-12-10 06:04 - 000042536 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\XmlWrapper.dll
2016-04-21 23:00 - 2015-12-10 06:05 - 000303656 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll
2011-03-22 18:41 - 2011-03-22 18:41 - 002785792 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Bluetooth\Resources\csy.dll
2011-10-13 01:44 - 2011-05-05 14:05 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2010-08-16 13:01 - 2010-08-16 13:01 - 000333312 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\BluetoothHS\BTHSSupplicant.dll
2011-04-21 10:04 - 2011-04-21 10:04 - 000116224 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\BluetoothHS\UsR3IoPort.dll
2011-12-21 23:38 - 2011-09-14 23:01 - 000200192 _____ (Martin Prikryl) [File not signed] C:\Program Files (x86)\WinSCP\DragExt64.dll
2012-02-21 21:10 - 2012-02-21 21:10 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll
2011-12-09 19:22 - 2011-12-09 19:22 - 000074752 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\winampa.exe
2016-04-21 23:00 - 2016-01-26 08:27 - 002454016 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\python27.dll
2011-10-13 01:52 - 2011-09-28 01:23 - 005458312 _____ (Samsung Electronics CO., LTD. -> Samsung Electronics) [File not signed] C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
2012-08-13 21:07 - 2012-08-02 10:08 - 000037376 _____ (Windows (R) Server 2003 DDK provider) [File not signed] C:\windows\system32\spool\PRTPROCS\x64\ssm1mpc.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:D282699C [103]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-02-12 16:23 - 000000826 _____ C:\windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\EaseUS\Todo Backup\bin
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Zdenka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6719708D-8A79-4116-8D0D-8EC720BDE700}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{13AD21C8-B186-4864-BE9D-2248301302FF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1C56C6D1-51B6-4BF5-A905-5C5FDF2C54B9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4A3CC8FD-E69E-4FEC-8300-32FBCB1E15C1}] => (Allow) LPort=2869
FirewallRules: [{5D22F7B8-C542-4172-943E-2C928DC27A72}] => (Allow) LPort=1900
FirewallRules: [{E8DABBD7-4B43-450A-8393-6DE0CBE8625C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3BBF14E6-9442-4929-B397-E730917B609D}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3DF112FC-DE12-40F7-B179-8F3D78FA5313}] => (Allow) C:\Program Files (x86)\uvnc bvba\UltraVNC\vncviewer.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{81422CE2-A672-4AEC-8ADE-F57E27A4E889}] => (Allow) C:\Program Files (x86)\uvnc bvba\UltraVNC\vncviewer.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{C7E88A91-8FED-4D64-B4A5-6A3D07A20023}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{61544033-FA5D-49FA-970B-F65344322309}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{920CCEC0-670F-4D9E-BBBB-DC02C82CA5AD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0E0AFC74-BF70-48BE-BD07-F3D81CB9275A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1F1F32E0-0F42-457D-B808-17A8F704D890}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1C15C7D5-0DAA-4093-B1BA-E7FFAB4E4BFC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3D37D5F1-BE05-4523-AEB6-4E6D996A09C4}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{85439DE8-95D4-427B-BA2F-43DA3802391A}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{0C67E8C9-4174-475F-B833-39DEC03E0373}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{A197DAEA-4F4C-4352-AA36-CB4CF4B3E289}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{4852D7E3-0CE0-4F3A-B273-4D70613D24FA}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
FirewallRules: [{47F059F9-E5DB-437B-B370-206FDC0ECCB0}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
FirewallRules: [{60305E50-7DB8-482E-AD90-59CF1EECD224}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
FirewallRules: [{6DF67ADC-9E9A-424E-83AB-E91CA56D4150}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
FirewallRules: [{4D2220FF-A7F6-41DD-9CDA-F4B1D49F99A9}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Service\Update Service.exe (Sony Ericsson Mobile Communications AB -> ) [File not signed]
FirewallRules: [{2DE59F46-57D3-4246-99A6-44FAF2E91FF6}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Service\Update Service.exe (Sony Ericsson Mobile Communications AB -> ) [File not signed]
FirewallRules: [{86AC7E85-24DC-4D8C-A5A5-C1889FFAE0E9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2DDDED67-0AA0-4997-802B-73AD66155951}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{661B47EE-C3BB-4F3A-9E59-C3449CAE7E0D}] => (Allow) C:\Users\Zdenka\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

06-04-2019 13:52:29 Windows Update
14-04-2019 12:59:08 Naplánovaný kontrolní bod
02-05-2019 18:35:27 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/15/2019 08:23:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/15/2019 08:19:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/15/2019 07:14:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/14/2019 09:34:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/14/2019 09:00:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/14/2019 08:58:27 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/14/2019 08:58:27 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/14/2019 08:58:27 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (05/15/2019 08:21:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Live ID Sign-in Assistant neuspěla při spuštění v důsledku následující chyby:
Přesměrování bylo ukončeno.

Error: (05/15/2019 08:21:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (05/15/2019 08:21:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Live ID Sign-in Assistant byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (05/15/2019 08:21:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/15/2019 08:21:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (05/15/2019 08:21:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AOMEI Backupper Scheduler Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/15/2019 08:21:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (05/15/2019 08:21:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Update Service Daemon byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2017-11-21 10:29:49.154
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{727CA5A6-04C5-4381-9EB0-EA533707D99D}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\SYSTEM

Date: 2018-07-12 18:03:36.847
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.271.751.0
Předchozí verze podpisu:1.269.1075.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2018-07-12 18:03:36.847
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: Phoenix Technologies Ltd. 01QA 09/05/2011
Motherboard: SAMSUNG ELECTRONICS CO., LTD. 300E4A/300E5A/300E7A
Processor: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz
Percentage of memory in use: 91%
Total physical RAM: 4009.55 MB
Available physical RAM: 356.87 MB
Total Virtual: 8017.3 MB
Available Virtual: 3811.66 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:230 GB) (Free:17.79 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:159.06 GB) (Free:37.09 GB) NTFS

\\?\Volume{323111f4-f5b1-11e0-a099-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{86635d02-0860-11e6-84da-dca97166f1f6}\ () (Fixed) (Total:0 GB) (Free:0 GB)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 447.1 GB) (Disk ID: 58246865)
Partition 1: (Active) - (Size=99 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=230 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=58 GB) - (Type=27)
Partition 4: (Not Active) - (Size=159.1 GB) - (Type=0F Extended)

==================== End of Addition.txt ============================


Post subject: Re: Slowed-down laptop + overheating
Posted: 15 May 2019 21:16
Site Admin

Joined: 30 Oct 2003 13:42
Posts: 110009
Location: Plzeň
Otevřte poznámkový blok a zkopírujte do něj:

Citace:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\...\MountPoints2: {8420665a-0e6d-11e5-8b74-dca97166f1f6} - G:\Startme.exe
Task: {3B6A32A0-80A2-4649-BAEF-5FDE7880E91B} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe
C:\windows\AutoKMS.exe
Task: {6AD1D9ED-3771-41E8-A3E1-79F4348C0BA9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {8E3AF7CE-8197-4BC2-904B-D4F2784C6AAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2234519877-4043553204-3602242062-1001 -> {E7E90CB1-DD56-4B63-879E-E11B4BCB3331} URL = hxxp://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=T8&
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-05-15] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-2234519877-4043553204-3602242062-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-05-15] (Google Inc -> Google Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Users\Zdenka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
AlternateDataStreams: C:\ProgramData\Temp:D282699C [103]

EmptyTemp:
End


Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.

_________________
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.


Post subject: Re: Slow laptop + overheating
Posted: 16 May 2019 17:44
Visitor

Registered: 25 Nov 2007 08:52
Posts: 41
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-05.2019 01
Ran by Zdenka (16-05-2019 18:40:17) Run:1
Running from C:\Users\Zdenka\Desktop
Loaded Profiles: UpdatusUser & Zdenka (Available Profiles: UpdatusUser & Zdenka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\...\MountPoints2: {8420665a-0e6d-11e5-8b74-dca97166f1f6} - G:\Startme.exe
Task: {3B6A32A0-80A2-4649-BAEF-5FDE7880E91B} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe
C:\windows\AutoKMS.exe
Task: {6AD1D9ED-3771-41E8-A3E1-79F4348C0BA9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {8E3AF7CE-8197-4BC2-904B-D4F2784C6AAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2234519877-4043553204-3602242062-1001 -> {E7E90CB1-DD56-4B63-879E-E11B4BCB3331} URL = hxxp://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=T8&
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-05-15] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-2234519877-4043553204-3602242062-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-05-15] (Google Inc -> Google Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Users\Zdenka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
AlternateDataStreams: C:\ProgramData\Temp:D282699C [103]

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8420665a-0e6d-11e5-8b74-dca97166f1f6} => removed successfully
HKLM\Software\Classes\CLSID\{8420665a-0e6d-11e5-8b74-dca97166f1f6} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{3B6A32A0-80A2-4649-BAEF-5FDE7880E91B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B6A32A0-80A2-4649-BAEF-5FDE7880E91B}" => removed successfully
C:\windows\System32\Tasks\AutoKMS => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
"C:\windows\AutoKMS.exe" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6AD1D9ED-3771-41E8-A3E1-79F4348C0BA9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AD1D9ED-3771-41E8-A3E1-79F4348C0BA9}" => removed successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E3AF7CE-8197-4BC2-904B-D4F2784C6AAF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E3AF7CE-8197-4BC2-904B-D4F2784C6AAF}" => removed successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E7E90CB1-DD56-4B63-879E-E11B4BCB3331} => removed successfully
HKLM\Software\Classes\CLSID\{E7E90CB1-DD56-4B63-879E-E11B4BCB3331} => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => removed successfully
"HKU\S-1-5-21-2234519877-4043553204-3602242062-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
C:\Users\Zdenka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\ProgramData\Temp => ":D282699C" ADS removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13766791 B
Java, Flash, Steam htmlcache => 1429 B
Windows/system/drivers => 1376589229 B
Edge => 0 B
Chrome => 6845489 B
Firefox => 1226069400 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 11019651 B
systemprofile32 => 15176130 B
LocalService => 0 B
NetworkService => 13375263 B
UpdatusUser => 0 B
Zdenka => 21523167 B
off => 128149 B
gzuzgiu => 352725 B

RecycleBin => 544 B
EmptyTemp: => 2.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:40:39 ====


Post subject: Re: Slow laptop + overheating
Posted: 16 May 2019 17:53
Site Admin

Registered: 30 Oct 2003 13:42
Posts: 110009
Location: Plzeň
Deleted. Has anything changed?

Post subject: Re: Slow laptop + overheating
Posted: 16 May 2019 18:35
Visitor

Registered: 25 Nov 2007 08:52
Posts: 41
Good evening, I was actually just waiting for a reply. Only Firefox was open, on the viry.cz website, and I wasn't doing any other work on the laptop. Then the blue screen again. Print Screen didn't work, but at least this time I managed to photograph it. It basically stayed on this screen this time. Attached. Also, while I was writing the reply, malware popped up at me; see the next image.


Attachments:
malware.jpg [ 35.04 KiB | Viewed 480 times ]
Post subject: Re: Slow laptop + overheating
Posted: 16 May 2019 18:37
Visitor

Registered: 25 Nov 2007 08:52
Posts: 41
and the screen


Attachments:
obr.jpg [ 65.75 KiB | Viewed 477 times ]
Post subject: Re: Slow laptop + overheating
Posted: 16 May 2019 18:59
Site Admin

Registered: 30 Oct 2003 13:42
Posts: 110009
Location: Plzeň
OK. Also run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Don't delete anything beforehand.
That BSOD points to some error in the system configuration.

Post subject: Re: Slow laptop + overheating
Posted: 16 May 2019 19:23
Visitor

Registered: 25 Nov 2007 08:52
Posts: 41
Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 16.05.19
Čas skenování: 20:13
Logovací soubor: 4bbb3474-7806-11e9-9068-00ff2449eefa.json

-Informace o softwaru-
Verze: 3.7.1.2839
Verze komponentů: 1.0.586
Aktualizovat verzi balíku komponent: 1.0.10630
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: Samsung_NB\Zdenka

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 350724
Zjištěné hrozby: 1
Hrozby umístěné do karantény: 0
Uplynulý čas: 6 min, 51 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 1
PUP.Optional.Conduit, C:\USERS\ZDENKA\APPDATA\ROAMING\UTORRENT\ISM.EXE, Žádná uživatelská akce, [210], [76405],1.0.10630

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)


Post subject: Re: Slow laptop + overheating
Posted: 16 May 2019 20:04
Site Admin

Registered: 30 Oct 2003 13:42
Posts: 110009
Location: Plzeň
Delete the item that was found and restart. As for the blue screen of death: have you recently installed any new software or hardware?

Post subject: Re: Slow laptop + overheating
Posted: 16 May 2019 20:20
Visitor

Registered: 25 Nov 2007 08:52
Posts: 41
Deleted and restarted.

No hardware, unless you count connecting a smartphone and downloading a few photos from it to the laptop. The phone works without problems; I even connected it to a PC and everything was fine there. So I don't know whether that could have had an effect? Though, now that I think of it, these problems may really have started only after I disconnected the phone from the laptop... I don't know whether that can really be related.

No software. The last thing was CCleaner; precisely because of the problems that had appeared, I wanted to at least clean up.
Otherwise nothing for a really long time before that. I can't even recall; the last thing was perhaps only Spotify, but that was a few months ago.


Post subject: Re: Slow laptop + overheating
Posted: 16 May 2019 20:59
Site Admin

Registered: 30 Oct 2003 13:42
Posts: 110009
Location: Plzeň
OK. Try Start menu > command line > (type) cmd > Enter. In the window that opens, type:

Quote:
sfc /scannow


and press Enter.

The system will scan the system files and repair them if needed. When it finishes, restart.
