
Please check my log

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.


Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

daldous
Visitor
Posts: 52
Registered: 12 Nov 2006 09:56

Please check my log

#1 Post by daldous »

Hello, I would like to ask for a preventive check of my log. Thanks a lot. Dalibor

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2020 01
Ran by Daldous (administrator) on DALDOUS-PC (LENOVO 20206) (23-05-2020 09:49:06)
Running from C:\Users\Daldous\Desktop
Loaded Profiles: Daldous
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2>
(bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <25>
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo -> Lenovo.) C:\Windows\System32\LPlatSvc.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Nalpeiron LTD -> Nalpeiron Ltd.) [File not signed] C:\Windows\SysWOW64\nlssrv32.exe
(Nalpeiron Ltd.) [File not signed] C:\Windows\SysWOW64\nalserv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ZyXEL Communications Corporation -> ) C:\Program Files (x86)\ZyXEL\ZyWALL SecuExtender\SecuExtenderHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108728 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-09-17] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [270912 2015-06-17] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [238952 2020-05-13] (IDSA Production signing key -> Intel)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1897870398-3820753920-757805072-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1897870398-3820753920-757805072-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-06] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-07] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-05-04] (Adobe Inc. -> Adobe Systems, Inc.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B7F6C0D-93AC-41B2-A4F7-FAC98E980DCD} - System32\Tasks\{111CDC67-B0F0-4673-8A43-48B483F4E6EF} => C:\Program Files (x86)\Focus\Frogwares\The Testament of Sherlock Holmes\game.exe
Task: {0E9A1BC6-6B36-471E-94C5-7C41CAF872A2} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
Task: {104467EA-E804-4C20-948C-D5B69D29C52F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {119FF0B0-85ED-4155-9A8B-BE6A749BF9BF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {1CFCBFCE-5FBC-4C5E-BB0D-EBD43E57A9FC} - System32\Tasks\{D4BDACFC-16FC-4983-AAEE-7E48790067F2} => C:\Program Files (x86)\Focus\Frogwares\The Testament of Sherlock Holmes\game.exe
Task: {3BB21976-39B0-4A96-A4C5-26DE6C2CE2C6} - System32\Tasks\{D3BCAA59-7DD0-4378-B9EF-688C1A3E135E} => C:\Windows\system32\pcalua.exe -a "C:\Users\Daldous\Desktop\win64_15.33.48.5069 (1).exe" -d C:\Users\Daldous\Desktop
Task: {40E214EF-9DCF-4973-9916-222DF5E4EA24} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {52AEB9B2-221D-4BF1-B969-5043370C4E2E} - System32\Tasks\{77529009-2249-437E-A8F4-8DE23F298101} => G:\Hry\Battlefield 3\bf3.exe
Task: {63558671-79A7-4113-8646-E79C197F29CF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {6B07B79F-0BBF-40C4-AC72-700516058E93} - System32\Tasks\{F6A687CE-EF87-4186-BCF2-696E86BC6EC3} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe -c /M{78A62183-20AB-4333-ACA7-08BDAD9368A3}
Task: {6D0B9A95-BB11-4CF1-A476-453490A22B82} - System32\Tasks\{D704FA25-5DAE-4600-8C32-853A2AF0699A} => G:\Docasne_soubory\Unreal Tournament (1999)\Unreal Tournament (1999)\SYSTEM\UnrealTournament.exe
Task: {91E64D21-77FE-43CD-A707-5F4994CFB7EA} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {9F33481F-3B52-4635-A1F2-AC31861E1BF9} - System32\Tasks\{4546AF5C-2C07-4168-BF5E-F2611F61A3F3} => C:\Program Files (x86)\Focus\Frogwares\The Testament of Sherlock Holmes\game.exe
Task: {9F8C4A78-AFD8-4C38-971E-A2E359F66F2D} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-24] (bookingDesktopApp.) [File not signed]
Task: {A0770029-CE44-4656-B3AA-08E580343D3C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_pepper.exe [1366528 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {A78379BF-54AF-4227-8E06-DBA6C4B6FB60} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
Task: {B68D8363-AED9-41BF-8B19-365F7C52D84E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-06] (Piriform Ltd -> Piriform Ltd)
Task: {BA8BE9E2-D2BE-499F-AAF6-65AC91FFD699} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-24] (bookingDesktopApp.) [File not signed]
Task: {BC3C86F5-1242-4588-A0AB-460D5B403A3C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3339472 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
Task: {BF14C9DE-5BAA-4B47-8239-1E9712107A90} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C83CDE6A-3099-4234-9640-3478E233B096} - System32\Tasks\{FA53C2BA-1CDE-4819-ADB3-6AF1FAEC8AD9} => C:\Program Files (x86)\Focus\Frogwares\The Testament of Sherlock Holmes\game.exe
Task: {D5DEE5A1-E930-43F2-9C90-FB42C428A430} - System32\Tasks\{7EDFF45A-2086-4085-94CD-56FB60E3298C} => G:\Hry\Ostriv.Alpha.v2.0.1\ostriv.exe
Task: {DB4F5D94-C477-4CC7-862B-B2ECD67440AF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {FC45C919-C392-49A9-8714-4028699FC341} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.96.160.6 212.96.161.7
Tcpip\..\Interfaces\{0B9BB5B1-79D0-468F-AFC9-1CE3C39BEE73}: [DhcpNameServer] 212.96.160.7 212.96.161.6
Tcpip\..\Interfaces\{67DFB584-BFBB-40B2-B7F8-DF9C30512552}: [DhcpNameServer] 212.96.160.6 212.96.161.7
Tcpip\..\Interfaces\{B26C9018-F5F4-4EAF-9914-055B35775648}: [NameServer] 192.168.202.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1897870398-3820753920-757805072-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&r ... d=ie7&rlz=
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-11-10] (McAfee, LLC -> McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-11-10] (McAfee, LLC -> McAfee, Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
DPF: HKLM-x32 {5B84B165-F6DE-4126-B3F8-5EDCD447EFF4} hxxps://212.24.156.6/ext-js/web-pages/portal/SecuExtender.cab

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-11-10]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-02-24] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-02-24] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [File not signed]
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2012-11-02] (Garmin International, Inc. -> GARMIN Corp.)
FF Plugin-x32: @protectdisc.com/NPMPDRM -> C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll [2010-02-03] (Protect Software GmbH -> )
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1897870398-3820753920-757805072-1000: @powerchallenge.com/PowerLoader -> C:\Users\Daldous\AppData\LocalLow\POWERC~1\nppowerloader.dll [2011-03-15] (Power Challenge AB -> Power Challenge Sweden AB)
FF Plugin HKU\S-1-5-21-1897870398-3820753920-757805072-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Daldous\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2018-01-23] (Unity Technologies SF -> Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default [2020-05-23]
CHR Notifications: Default -> hxxps://jrceshop.os.tc; hxxps://www.megaknihy.cz; hxxps://www.varimjakosef.cz; hxxps://www.vyprodejskladu.eu
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "","www.google.com","hxxp://www.google.com/"
CHR Extension: (Dokumenty) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-06]
CHR Extension: (Vyhledávání Google) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-22]
CHR Extension: (Avast Online Security) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-03-01]
CHR Extension: (SearchPreview) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo [2020-03-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-22]
CHR Profile: C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-05-29]
CHR Extension: (Prezentace) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-21]
CHR Extension: (Dokumenty) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-21]
CHR Extension: (Disk Google) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-21]
CHR Extension: (YouTube) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-21]
CHR Extension: (Avast SafePrice) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-12-21]
CHR Extension: (Tabulky) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-21]
CHR Extension: (AdBlock) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-05-21]
CHR Extension: (Avast Online Security) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-05-21]
CHR Extension: (Grammarly for Chrome) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-05-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-05-21]
CHR Extension: (Gmail) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-21]
CHR Extension: (Chrome Media Router) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-21]
CHR Profile: C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\System Profile [2019-05-29]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-1897870398-3820753920-757805072-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6350752 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [348968 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-24] (bookingDesktopApp.) [File not signed]
S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-24] (bookingDesktopApp.) [File not signed]
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [40296 2020-05-13] (IDSA Production signing key -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [156008 2020-05-13] (IDSA Production signing key -> Intel)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] (Canon Inc. -> )
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
R2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [774736 2017-09-05] (Lenovo -> Lenovo.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] (Intel Corporation-Mobile Wireless Group -> )
R2 NalServ; C:\Windows\SysWOW64\nalserv.exe [135168 2012-06-29] (Nalpeiron Ltd.) [File not signed]
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2012-06-29] (Nalpeiron LTD -> Nalpeiron Ltd.) [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel Corporation-Mobile Wireless Group -> Intel® Corporation)
R2 ZyWALL SecuExtender Helper; C:\Program Files (x86)\ZyXEL\ZyWALL SecuExtender\SecuExtenderHelper.exe [44928 2014-03-28] (ZyXEL Communications Corporation -> )
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37136 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205880 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [234560 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [178760 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60480 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42784 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175704 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [501472 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109272 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84856 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851592 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460992 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235488 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319120 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2017-06-10] (Tages SA -> )
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-15] (Disc Soft Ltd -> Disc Soft Ltd)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (3am.com(Test) -> HTC, Corporation) [File not signed]
S3 htcnprot; C:\Windows\System32\DRIVERS\htcnprot.sys [36928 2013-10-17] (HTC Corp. -> Windows (R) Win 7 DDK provider)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2017-06-10] (Tages SA -> )
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2005-01-21] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R3 tap0901_zyxel; C:\Windows\System32\DRIVERS\tap0901_zyxel.sys [36408 2014-01-15] (ZyXEL Communications Corporation -> The OpenVPN Project)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-23 09:49 - 2020-05-23 09:51 - 000027983 _____ C:\Users\Daldous\Desktop\FRST.txt
2020-05-23 09:48 - 2020-05-23 09:50 - 000000000 ____D C:\FRST
2020-05-23 09:47 - 2020-05-23 09:47 - 002286080 _____ (Farbar) C:\Users\Daldous\Desktop\FRST64.exe
2020-05-22 17:23 - 2020-05-22 17:23 - 000000000 ____D C:\ProgramData\ByteFence
2020-05-22 13:10 - 2020-05-22 13:08 - 000337560 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-05-22 13:09 - 2020-05-22 13:09 - 000235488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-05-22 13:09 - 2020-05-22 13:09 - 000175704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-05-16 08:45 - 2020-05-16 08:45 - 000001521 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2020-05-01 10:02 - 2020-05-01 10:02 - 000000959 _____ C:\Users\Daldous\Desktop\Dawn of Man CZ.lnk
2020-05-01 10:02 - 2020-05-01 10:02 - 000000959 _____ C:\Users\Daldous\AppData\Roaming\Microsoft\Windows\Start Menu\Dawn of Man CZ.lnk
2020-04-23 14:05 - 2020-04-23 14:05 - 000001185 _____ C:\Users\Daldous\Desktop\RimWorldWin – zástupce.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-23 09:47 - 2020-02-10 21:10 - 000000000 ____D C:\Users\Daldous\AppData\Roaming\uTorrent
2020-05-23 09:19 - 2009-07-14 06:45 - 000025536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-05-23 09:19 - 2009-07-14 06:45 - 000025536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-05-23 09:13 - 2020-04-16 11:28 - 000002948 _____ C:\Windows\system32\Tasks\{7EDFF45A-2086-4085-94CD-56FB60E3298C}
2020-05-23 09:13 - 2020-04-15 23:13 - 000003166 _____ C:\Windows\system32\Tasks\{D3BCAA59-7DD0-4378-B9EF-688C1A3E135E}
2020-05-23 09:13 - 2020-04-15 22:51 - 000003718 _____ C:\Windows\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2020-05-23 09:13 - 2020-04-15 22:29 - 000003616 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2020-05-23 09:13 - 2020-04-15 22:29 - 000003370 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2020-05-23 09:13 - 2020-02-24 21:50 - 000003440 _____ C:\Windows\system32\Tasks\bookingDesktopAppUpdateTaskMachineUA
2020-05-23 09:13 - 2020-02-24 21:50 - 000003312 _____ C:\Windows\system32\Tasks\bookingDesktopAppUpdateTaskMachineCore
2020-05-23 09:13 - 2018-09-06 17:56 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-05-23 09:13 - 2015-12-03 19:42 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-05-23 09:13 - 2014-12-24 14:08 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-05-23 09:13 - 2013-12-16 23:11 - 000002776 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-05-23 09:13 - 2013-08-30 08:07 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-05-23 09:13 - 2013-08-30 08:07 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-05-22 20:32 - 2017-03-17 09:27 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-05-22 20:29 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-05-22 17:10 - 2019-10-06 14:46 - 000001158 _____ C:\Users\Public\Desktop\PotPlayer.lnk
2020-05-22 17:10 - 2019-10-06 14:46 - 000001158 _____ C:\ProgramData\Desktop\PotPlayer.lnk
2020-05-22 13:09 - 2020-04-19 18:23 - 000501472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-05-22 13:09 - 2018-10-22 15:32 - 000042784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-05-22 13:09 - 2013-08-30 08:17 - 000460992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-05-22 13:09 - 2013-08-30 08:17 - 000319120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-05-22 13:09 - 2013-08-30 08:17 - 000109272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-05-22 13:09 - 2013-08-30 08:17 - 000084856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-05-22 13:08 - 2019-01-17 16:53 - 000234560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-05-22 13:08 - 2019-01-17 16:53 - 000178760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-05-22 13:08 - 2019-01-17 16:53 - 000060480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-05-22 13:08 - 2019-01-17 16:53 - 000037136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-05-22 13:08 - 2017-11-18 14:41 - 000205880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-05-22 13:08 - 2013-08-30 08:17 - 000851592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-05-20 08:15 - 2020-04-20 21:16 - 000000000 ____D C:\Users\Daldous\Desktop\SKOLA
2020-05-19 15:01 - 2016-08-21 22:21 - 000000000 ____D C:\Program Files (x86)\Steam
2020-05-16 08:45 - 2013-10-27 19:47 - 000000000 ____D C:\ProgramData\Package Cache
2020-05-16 08:45 - 2013-08-30 07:43 - 000000000 ____D C:\Program Files (x86)\Intel
2020-05-13 20:27 - 2017-12-19 10:10 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-05-12 22:04 - 2011-04-12 10:34 - 000669116 _____ C:\Windows\system32\perfh005.dat
2020-05-12 22:04 - 2011-04-12 10:34 - 000141744 _____ C:\Windows\system32\perfc005.dat
2020-05-12 22:04 - 2009-07-14 07:13 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2020-05-12 22:04 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-05-09 07:34 - 2016-07-14 18:21 - 000001963 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-05-09 07:34 - 2016-07-14 18:21 - 000001963 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-05-07 08:23 - 2020-04-20 20:34 - 000000000 ____D C:\ProgramData\CanonIJPLM
2020-05-07 07:39 - 2017-10-15 09:34 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-07 07:39 - 2017-10-15 09:34 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-05-07 07:39 - 2017-10-15 09:34 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-05-02 12:15 - 2019-03-05 00:43 - 000000000 ____D C:\Users\Daldous\Documents\DawnOfMan
2020-05-02 11:54 - 2020-04-20 20:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2020-04-27 23:01 - 2020-04-20 20:53 - 000000000 ____D C:\Users\Daldous\AppData\Roaming\Canon
2020-04-23 19:42 - 2020-03-15 08:13 - 000000000 ____D C:\Users\Daldous\Documents\bitComposer Games
2020-04-23 14:05 - 2014-02-16 14:51 - 000000000 ____D C:\Users\Daldous\Desktop\hry

==================== Files in the root of some directories ========

2019-05-13 21:06 - 2019-05-13 21:06 - 000000042 _____ () C:\Users\Daldous\AppData\Roaming\~SiMPLEX.ini
2015-02-09 23:06 - 2015-02-09 23:06 - 000003584 _____ () C:\Users\Daldous\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-04-22 21:19 - 2018-04-22 21:19 - 000029696 _____ () C:\Users\Daldous\AppData\Local\MSGBOX.EXE

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-05-18 11:46
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-05-2020 01
Ran by Daldous (23-05-2020 09:52:22)
Running from C:\Users\Daldous\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-08-29 19:57:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1897870398-3820753920-757805072-500 - Administrator - Disabled)
Daldous (S-1-5-21-1897870398-3820753920-757805072-1000 - Administrator - Enabled) => C:\Users\Daldous
Guest (S-1-5-21-1897870398-3820753920-757805072-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1897870398-3820753920-757805072-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
µTorrent (HKU\S-1-5-21-1897870398-3820753920-757805072-1000\...\uTorrent) (Version: 3.5.5.45505 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.009.20063 - Adobe Systems Incorporated)
Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.3.2405 - Avast Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.20.55.57 - Broadcom Corporation)
Call of Duty (HKLM-x32\...\Call of Duty) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.0.19 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.3.1.4 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.2.0 - Canon Inc.)
Canon MG3000 series Elektronická příručka (HKLM-x32\...\Canon MG3000 series Elektronická příručka) (Version: 1.3.0 - Canon Inc.)
Canon MG3000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3000_series) (Version: 1.03 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Company of Heroes - Complete Edition (HKLM-x32\...\Company of Heroes - Complete Edition_is1) (Version: - )
Counter-Strike 1.6 (HKLM-x32\...\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}) (Version: 1.6 - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Dawn of Man CZ ALI213 v.1.5.0 - CZ v.1.40 (HKLM-x32\...\Dawn of Man CZ ALI213 v.1.5.0 - CZ v.1.40) (Version: ALI213 v.1.5.0 - CZ v.1.40 - Libbi)
Factorio version 0.16.36 (HKLM\...\Factorio_is1) (Version: - )
Fallout Tactics (HKLM-x32\...\{78A62183-20AB-4333-ACA7-08BDAD9368A3}) (Version: 1.00.000 - Interplay) Hidden
Fallout Tactics (HKLM-x32\...\InstallShield_{78A62183-20AB-4333-ACA7-08BDAD9368A3}) (Version: 1.00.000 - Interplay)
FreeCommander 2009.02b (HKLM-x32\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)
Garmin Communicator Plugin (HKLM-x32\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{237D687E-9E50-4A30-B810-262764CC491B}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.138 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
CHUCHEL (HKLM-x32\...\1825910123_is1) (Version: 1.0.0 - GOG.com)
Intel Driver && Support Assistant (HKLM-x32\...\{06626F51-076E-4195-B040-1EAB58735E21}) (Version: 20.5.20.3 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{A9133872-C9FE-45CC-8F01-D1947B0F09EA}) (Version: 2.4.04755 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{51daa996-b36e-4097-9cc0-dda4869e52c6}) (Version: 20.5.20.3 - Intel)
Intel® Chipset Device Software (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 8 Update 251 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
LAV Filters 0.70.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.70.1 - Hendrik Leppkes)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.00.02 - )
Machinarium (HKLM-x32\...\Machinarium) (Version: CZ/14.02.2010 - Amanita Design, s.r.o.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.101 - McAfee, LLC.)
Microsoft .NET Framework 4.7.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 x64 Additional Runtime - 14.12.25711 (HKLM\...\{7D02C46E-2953-3EB1-A5D5-7943C9D7684F}) (Version: 14.12.25711 - Microsoft Corporation)
Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.12.25711 (HKLM\...\{043D5787-5988-3DE2-928D-3B6A75E2126E}) (Version: 14.12.25711 - Microsoft Corporation)
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.12.25711 (HKLM-x32\...\{8FDCF95F-4756-34F4-9DA2-D708E7FAC504}) (Version: 14.12.25711 - Microsoft Corporation)
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.12.25711 (HKLM-x32\...\{6E894015-A182-3C1E-A7D2-3032CB2E1D43}) (Version: 14.12.25711 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{FD9D64F4-CAF5-3D23-845A-B843C78CC1A5}) (Version: 10.0.60830 - Microsoft Corporation)
Microsoft WSE 2.0 SP3 Runtime (HKLM-x32\...\{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}) (Version: 2.0.5050.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mount and Blade: Warband (HKLM-x32\...\1207666913_is1) (Version: 2.036 (1.173) 30-07-2018 - GOG.com)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9 - Notepad++ Team)
NVIDIA GAME System Software 2.8.1 (HKLM-x32\...\{4F0C7CCF-5666-474B-B02E-AC514A95EC93}) (Version: 2.8.1 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
Open XML SDK 2.0 for Microsoft Office (HKLM-x32\...\{171D8D76-3F05-455A-A8AF-C561C2679905}) (Version: 2.0.5022 - Microsoft Corporation)
Paradox Launcher v2 (HKLM\...\{F0072197-FCF6-41BF-9D38-832B145922DC}) (Version: 2.0.0.0 - Paradox Interactive)
PotPlayer (HKLM-x32\...\PotPlayer) (Version: 200513 - Kakao Corp.)
Power Challenge Game Plugin (HKU\S-1-5-21-1897870398-3820753920-757805072-1000\...\Power Loader) (Version: - )
Railroad Tycoon II - Platinum (HKLM-x32\...\{BED27751-CD2A-4C2F-9813-00B9B60C76FE}) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Registrace uživatele zařízení Canon MG3000 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG3000 series) (Version: - ‭Canon Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games)
Sid Meier's Civilization IV Colonization (HKLM-x32\...\{EF36A836-BF89-4A4F-B079-057B0C68C1E0}) (Version: 1.00 - Firaxis Games)
Software Intel® PROSet/Wireless WiFi (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)
Stardew Valley (HKLM-x32\...\1453375253_is1) (Version: 2.6.0.8 - GOG.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
ThinkPad Wireless LAN Adapter Software (HKLM-x32\...\{9D3D2C60-A55F-4fed-B2B9-17311226DF01}) (Version: 1.00.0031.1 - REALTEK Semiconductor Corp.)
Unity Web Player (HKU\S-1-5-21-1897870398-3820753920-757805072-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unreal Tournament G.O.T.Y. Edition (HKLM-x32\...\UnrealTournament) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 26.1 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
ZyWALL SecuExtender (HKLM-x32\...\{644421AA-C633-4508-AC2C-0EA631C165E6}) (Version: 3.0.20.0 - ZyXEL Communications Corp.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-22] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2011-04-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-02-21] (Notepad++ -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2011-04-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-22] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2020-02-24 21:50 - 2020-02-24 21:50 - 001743360 ____T (bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\bookingDesktopApppdate.dll
2020-04-20 20:41 - 2015-06-17 16:01 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_CSY.DLL
2020-04-20 20:41 - 2015-06-17 16:00 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2018-04-26 18:32 - 2013-09-17 16:47 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2012-02-26 04:19 - 2012-02-26 04:19 - 000168448 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
2012-02-26 04:20 - 2012-02-26 04:20 - 000284160 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
2012-02-26 04:20 - 2012-02-26 04:20 - 003280896 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll
2012-02-26 04:18 - 2012-02-26 04:18 - 000102400 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\DbEngine.dll
2012-02-26 04:22 - 2012-02-26 04:22 - 000104448 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
2012-02-26 04:21 - 2012-02-26 04:21 - 000054272 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\iWMSProv.dll
2012-02-26 04:26 - 2012-02-26 04:26 - 000545792 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
2012-02-26 04:30 - 2012-02-26 04:30 - 000325120 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\panihvint.dll
2012-02-26 04:24 - 2012-02-26 04:24 - 001051136 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
2012-02-26 04:30 - 2012-02-26 04:30 - 000178176 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\Ps7ZCfgS.dll
2012-02-26 04:18 - 2012-02-26 04:18 - 000020992 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
2018-06-09 14:03 - 2018-06-09 14:03 - 000796672 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_88dcc0bf2fb1b808\MSVCR80.dll
2012-02-26 03:38 - 2012-02-26 03:38 - 001830912 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:netNLSPreferences [0]
AlternateDataStreams: C:\Windows:nlsPreferences [0]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2020-05-22 20:35 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Common Files\Intel\WirelessCommon;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
HKU\S-1-5-21-1897870398-3820753920-757805072-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Daldous\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 212.96.160.6 - 212.96.161.7
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3276BC8C-F477-413A-A386-403B8B9112B9}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [TCP Query User{D8F698D8-246A-4383-8525-C130B9448805}C:\program files (x86)\call of duty\codmp.exe] => (Allow) C:\program files (x86)\call of duty\codmp.exe () [File not signed]
FirewallRules: [UDP Query User{ABC5A62D-539E-4326-AB97-26ECE174FBD3}C:\program files (x86)\call of duty\codmp.exe] => (Allow) C:\program files (x86)\call of duty\codmp.exe () [File not signed]
FirewallRules: [TCP Query User{7B6384D9-0EDD-444C-A0DB-7FDBCCB7A3F3}C:\program files (x86)\call of duty\codmp.exe] => (Allow) C:\program files (x86)\call of duty\codmp.exe () [File not signed]
FirewallRules: [UDP Query User{6D34E425-4485-461A-B6B0-24D3D87943FC}C:\program files (x86)\call of duty\codmp.exe] => (Allow) C:\program files (x86)\call of duty\codmp.exe () [File not signed]
FirewallRules: [TCP Query User{6355C514-E5C8-480D-A11B-2BCD87B2CF51}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{BEC17AB7-689E-4FA5-8ACC-1FD4D06A8BE5}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{49EB036B-71EF-4341-B974-D5337C069C9A}C:\users\daldous\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\daldous\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{B3A5C1E6-75AF-4D5A-BF32-7F479D25B86B}C:\users\daldous\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\daldous\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{85B6B8FB-C2F1-4475-8B81-FBAF057A3940}] => (Allow) C:\Users\Daldous\AppData\Roaming\uTorrent\uTorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{6AD3BDA3-3F45-49DF-8449-500D8643BB2E}] => (Allow) C:\Users\Daldous\AppData\Roaming\uTorrent\uTorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{47AA4F92-3CDB-45DC-9077-AD8D49201AF7}C:\unrealtournament\system\unrealtournament.exe] => (Block) C:\unrealtournament\system\unrealtournament.exe () [File not signed]
FirewallRules: [UDP Query User{302BC98B-A8A0-4874-B9E3-A34C3AF76A87}C:\unrealtournament\system\unrealtournament.exe] => (Block) C:\unrealtournament\system\unrealtournament.exe () [File not signed]
FirewallRules: [{4C60C5D7-C112-4C3C-BA8A-25CC384C1726}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0E13BECE-0EE9-41EA-A476-90EECF96E91B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{AFF06221-4254-4C35-BDD4-2AA2242AE6B4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{07A901A1-B187-45E8-81D6-8CFF12CF67FB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{50293D52-673E-408F-A9A1-361F252B1E1F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{929C34F4-2A1A-4F4E-B746-71BF02AF1D20}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [TCP Query User{9FE6B1C1-5935-4867-A642-BE1328445F69}C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe] => (Allow) C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe => No File
FirewallRules: [UDP Query User{A63A77E5-3036-4074-8B77-571DE54C15C3}C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe] => (Allow) C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe => No File
FirewallRules: [TCP Query User{E4838F88-BD7F-4141-A967-50B5E1931D06}C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe] => (Allow) C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe (The build server will stamp this field) [File not signed]
FirewallRules: [UDP Query User{B90CF693-96C5-4FD5-AA29-FE8D1874DA96}C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe] => (Allow) C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe (The build server will stamp this field) [File not signed]
FirewallRules: [TCP Query User{2CFA9237-C7D9-4482-B34F-F2EEA9313070}C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe] => (Allow) C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe => No File
FirewallRules: [UDP Query User{B948267A-0B53-47DA-BF05-C3752CD5D088}C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe] => (Allow) C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe => No File
FirewallRules: [{94236AF8-F1BE-40F7-9273-170391188A2C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{A6B25143-9506-4195-979F-A70E95753B4C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{606D2C99-F258-4A54-A539-2A00771A50D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe (© 2001-2004 Atari Inc.) [File not signed]
FirewallRules: [{1665C564-19E8-41DF-83B0-DEFEA1B846AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe (© 2001-2004 Atari Inc.) [File not signed]
FirewallRules: [TCP Query User{0B83AD62-86C3-4EE1-A5BC-56F3EFE20683}G:\hry\beholder.update.02.04.2018\beholder\beholder.exe] => (Allow) G:\hry\beholder.update.02.04.2018\beholder\beholder.exe => No File
FirewallRules: [UDP Query User{4185BCE3-9878-485E-8329-B92FE1D0A3FD}G:\hry\beholder.update.02.04.2018\beholder\beholder.exe] => (Allow) G:\hry\beholder.update.02.04.2018\beholder\beholder.exe => No File
FirewallRules: [TCP Query User{8E2592E2-14C3-4C0D-9B3B-23D421D7119E}G:\hry\rimworld.v1.0.1954\rimworld\rimworldwin64.exe] => (Allow) G:\hry\rimworld.v1.0.1954\rimworld\rimworldwin64.exe => No File
FirewallRules: [UDP Query User{BA59A845-A967-4874-A27E-6210110C54CF}G:\hry\rimworld.v1.0.1954\rimworld\rimworldwin64.exe] => (Allow) G:\hry\rimworld.v1.0.1954\rimworld\rimworldwin64.exe => No File
FirewallRules: [{5B900344-9566-4AB9-B584-60B953E5BAFD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{5C25E32A-C9D3-4A1D-A21F-D6E5113AEDC5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{597E636A-AB73-4D18-BE6C-CBBBEBFBB36C}] => (Allow) C:\Program Files (x86)\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe (Take-Two Interactive Software, Inc. -> Firaxis Games)
FirewallRules: [{D15E0D44-21FE-4F26-AE9E-37DD76E0BA5E}] => (Allow) C:\Program Files (x86)\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe (Take-Two Interactive Software, Inc. -> Firaxis Games)
FirewallRules: [TCP Query User{8DC4CCF3-03F9-44D9-B887-94D2851FDC73}C:\users\daldous\downloads\daikatanadm\katanadm.exe] => (Allow) C:\users\daldous\downloads\daikatanadm\katanadm.exe () [File not signed]
FirewallRules: [UDP Query User{EDE02249-031A-4DB1-9F67-47E9194EC38B}C:\users\daldous\downloads\daikatanadm\katanadm.exe] => (Allow) C:\users\daldous\downloads\daikatanadm\katanadm.exe () [File not signed]
FirewallRules: [{1A16309C-B1C9-4EE0-9B2C-0A60695EFBB3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FB940F11-9F7A-4F72-BC87-AF3ADD234043}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{FFE9CCC9-ECC7-4FFD-9F6A-15A5AFD02908}C:\users\daldous\desktop\quake 3 arena\quake3.exe] => (Block) C:\users\daldous\desktop\quake 3 arena\quake3.exe => No File
FirewallRules: [UDP Query User{C581EE3C-EC43-433A-BA11-D97837901D54}C:\users\daldous\desktop\quake 3 arena\quake3.exe] => (Block) C:\users\daldous\desktop\quake 3 arena\quake3.exe => No File
FirewallRules: [TCP Query User{D8796889-39CA-4672-B745-715B8AD96CC9}C:\users\daldous\desktop\warcraft iii\war3.exe] => (Allow) C:\users\daldous\desktop\warcraft iii\war3.exe => No File
FirewallRules: [UDP Query User{EA4E089A-A59A-4833-8265-CA76104D584D}C:\users\daldous\desktop\warcraft iii\war3.exe] => (Allow) C:\users\daldous\desktop\warcraft iii\war3.exe => No File
FirewallRules: [TCP Query User{9AD3CC7B-DD83-45AF-B2EB-F75A407D96A4}C:\users\daldous\desktop\daikatanadm\katanadm.exe] => (Allow) C:\users\daldous\desktop\daikatanadm\katanadm.exe => No File
FirewallRules: [UDP Query User{36BDA6C3-3CB0-415B-BF81-C2306ACFBD34}C:\users\daldous\desktop\daikatanadm\katanadm.exe] => (Allow) C:\users\daldous\desktop\daikatanadm\katanadm.exe => No File
FirewallRules: [{53EA4795-32A2-4894-9FD4-4985F0B0ED34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Launcher\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{E0532C51-EBBB-4B76-928A-EB2580DFFBF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Launcher\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{DFD64786-D002-45A1-90E1-6371B6ADB360}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [{BF409CC6-7AED-45AC-9484-BCB44C22AA8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [{9D9F65C3-AE30-414D-8BCC-DDEFB8719654}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

07-05-2020 14:17:57 Naplánovaný kontrolní bod
15-05-2020 11:13:56 Naplánovaný kontrolní bod
16-05-2020 08:42:27 Intel® Driver & Support Assistant

==================== Faulty Device Manager Devices ============

Name: BCM43142A0
Description: BCM43142A0
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (05/22/2020 08:30:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/22/2020 01:04:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/16/2020 08:44:46 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: DSAService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.NullReferenceException
na Intel.DSA.CommonCore.Controllers.LoggingBaseClass.TraceMethodStart(System.Type, System.String, System.String)
na DSARestService.RestHttpListener.StopListening()
na DSARestService.RestHttpListener.Finalize()

Error: (05/16/2020 08:30:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/12/2020 11:59:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ZeroConfigService.exe, verze: 15.1.0.2, časové razítko: 0x4f4a262d
Název chybujícího modulu: MurocApi.dll, verze: 15.1.0.1, časové razítko: 0x4f4a2503
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002084b
ID chybujícího procesu: 0xb10
Čas spuštění chybující aplikace: 0x01d62843eabd5641
Cesta k chybující aplikaci: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
Cesta k chybujícímu modulu: C:\Program Files\Intel\WiFi\bin\MurocApi.dll
ID zprávy: 3623dcd5-9437-11ea-956a-3c970e9dbfa4

Error: (05/12/2020 11:58:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/11/2020 03:17:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/09/2020 05:09:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (05/23/2020 09:00:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 5krát.

Error: (05/23/2020 08:51:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 4krát.

Error: (05/22/2020 08:55:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 3krát.

Error: (05/22/2020 08:47:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 2krát.

Error: (05/22/2020 08:33:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/22/2020 08:33:12 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo časového limitu (30000 ms).

Error: (05/22/2020 08:32:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Media Player Network Sharing neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/22/2020 08:32:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Windows Media Player Network Sharing bylo dosaženo časového limitu (30000 ms).


Windows Defender:
===================================
Date: 2015-07-20 06:42:38.108
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{1945B44B-5AE2-4ECB-B4CC-CC3E939B7051}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2014-06-23 21:43:14.728
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

CodeIntegrity:
===================================

Date: 2016-09-08 18:05:59.242
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 18:05:59.055
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 17:56:05.694
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 17:56:05.523
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-31 21:57:30.663
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-31 21:57:30.336
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-22 15:58:20.936
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-22 15:58:20.718
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: LENOVO H9ET73WW(1.10) 04/09/2013
Motherboard: LENOVO 20206
Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Percentage of memory in use: 87%
Total physical RAM: 3673.36 MB
Available physical RAM: 461.85 MB
Total Virtual: 7344.9 MB
Available Virtual: 3570.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:235.49 GB) (Free:134.95 GB) NTFS
Drive g: (Nový svazek) (Fixed) (Total:229.27 GB) (Free:52.07 GB) NTFS
Drive n: () (CDROM) (Total:3.08 GB) (Free:0 GB) CDFS

\\?\Volume{fb46e9ad-10e3-11e3-abb0-806e6f6e6963}\ (LENOVO_DOS) (Fixed) (Total:1 GB) (Free:0.98 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 5AD204DE)
Partition 1: (Active) - (Size=1 GB) - (Type=0B)
Partition 2: (Not Active) - (Size=235.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=229.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the licence terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP simply launch it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

daldous
Visitor
Posts: 52
Registered: 12 Nov 2006 09:56

Re: Please check my log

#3 Post by daldous »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-05-19.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-24-2020
# Duration: 00:00:05
# OS: Windows 7 Home Premium
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\csastats

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1431 octets] - [24/05/2020 14:28:10]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#4 Post by Rudy »

Post new FRST + Addition logs.

daldous
Visitor
Posts: 52
Registered: 12 Nov 2006 09:56

Re: Please check my log

#5 Post by daldous »

Avast blocked that exe file, see the screenshot. I wanted to use the same exe as for the first scan. Should I ignore it?
Attachments
scr_avast.png (17.15 KiB) Viewed 1783 times

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#6 Post by Rudy »

Yes, FRST is not a virus; some AV products just don't like it. Download a fresh copy and keep Avast turned off while you work with it.

daldous
Visitor
Posts: 52
Registered: 12 Nov 2006 09:56

Re: Please check my log

#7 Post by daldous »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2020 01
Ran by Daldous (administrator) on DALDOUS-PC (LENOVO 20206) (24-05-2020 19:46:10)
Running from C:\Users\Daldous\Desktop
Loaded Profiles: Daldous
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2>
(bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <19>
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo -> Lenovo.) C:\Windows\System32\LPlatSvc.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Nalpeiron LTD -> Nalpeiron Ltd.) [File not signed] C:\Windows\SysWOW64\nlssrv32.exe
(Nalpeiron Ltd.) [File not signed] C:\Windows\SysWOW64\nalserv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ZyXEL Communications Corporation -> ) C:\Program Files (x86)\ZyXEL\ZyWALL SecuExtender\SecuExtenderHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108728 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-09-17] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [270912 2015-06-17] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [238952 2020-05-13] (IDSA Production signing key -> Intel)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1897870398-3820753920-757805072-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1897870398-3820753920-757805072-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-06] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-07] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-05-04] (Adobe Inc. -> Adobe Systems, Inc.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B7F6C0D-93AC-41B2-A4F7-FAC98E980DCD} - System32\Tasks\{111CDC67-B0F0-4673-8A43-48B483F4E6EF} => C:\Program Files (x86)\Focus\Frogwares\The Testament of Sherlock Holmes\game.exe
Task: {0E9A1BC6-6B36-471E-94C5-7C41CAF872A2} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
Task: {104467EA-E804-4C20-948C-D5B69D29C52F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {119FF0B0-85ED-4155-9A8B-BE6A749BF9BF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {1CFCBFCE-5FBC-4C5E-BB0D-EBD43E57A9FC} - System32\Tasks\{D4BDACFC-16FC-4983-AAEE-7E48790067F2} => C:\Program Files (x86)\Focus\Frogwares\The Testament of Sherlock Holmes\game.exe
Task: {3BB21976-39B0-4A96-A4C5-26DE6C2CE2C6} - System32\Tasks\{D3BCAA59-7DD0-4378-B9EF-688C1A3E135E} => C:\Windows\system32\pcalua.exe -a "C:\Users\Daldous\Desktop\win64_15.33.48.5069 (1).exe" -d C:\Users\Daldous\Desktop
Task: {40E214EF-9DCF-4973-9916-222DF5E4EA24} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {52AEB9B2-221D-4BF1-B969-5043370C4E2E} - System32\Tasks\{77529009-2249-437E-A8F4-8DE23F298101} => G:\Hry\Battlefield 3\bf3.exe
Task: {63558671-79A7-4113-8646-E79C197F29CF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {6B07B79F-0BBF-40C4-AC72-700516058E93} - System32\Tasks\{F6A687CE-EF87-4186-BCF2-696E86BC6EC3} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe -c /M{78A62183-20AB-4333-ACA7-08BDAD9368A3}
Task: {6D0B9A95-BB11-4CF1-A476-453490A22B82} - System32\Tasks\{D704FA25-5DAE-4600-8C32-853A2AF0699A} => G:\Docasne_soubory\Unreal Tournament (1999)\Unreal Tournament (1999)\SYSTEM\UnrealTournament.exe
Task: {91E64D21-77FE-43CD-A707-5F4994CFB7EA} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {9F33481F-3B52-4635-A1F2-AC31861E1BF9} - System32\Tasks\{4546AF5C-2C07-4168-BF5E-F2611F61A3F3} => C:\Program Files (x86)\Focus\Frogwares\The Testament of Sherlock Holmes\game.exe
Task: {9F8C4A78-AFD8-4C38-971E-A2E359F66F2D} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-24] (bookingDesktopApp.) [File not signed]
Task: {A0770029-CE44-4656-B3AA-08E580343D3C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_pepper.exe [1366528 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {A78379BF-54AF-4227-8E06-DBA6C4B6FB60} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
Task: {B68D8363-AED9-41BF-8B19-365F7C52D84E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-06] (Piriform Ltd -> Piriform Ltd)
Task: {BA8BE9E2-D2BE-499F-AAF6-65AC91FFD699} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-24] (bookingDesktopApp.) [File not signed]
Task: {BC3C86F5-1242-4588-A0AB-460D5B403A3C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3339472 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
Task: {BF14C9DE-5BAA-4B47-8239-1E9712107A90} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C83CDE6A-3099-4234-9640-3478E233B096} - System32\Tasks\{FA53C2BA-1CDE-4819-ADB3-6AF1FAEC8AD9} => C:\Program Files (x86)\Focus\Frogwares\The Testament of Sherlock Holmes\game.exe
Task: {D5DEE5A1-E930-43F2-9C90-FB42C428A430} - System32\Tasks\{7EDFF45A-2086-4085-94CD-56FB60E3298C} => G:\Hry\Ostriv.Alpha.v2.0.1\ostriv.exe
Task: {DB4F5D94-C477-4CC7-862B-B2ECD67440AF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {FC45C919-C392-49A9-8714-4028699FC341} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.96.160.6 212.96.161.7
Tcpip\..\Interfaces\{0B9BB5B1-79D0-468F-AFC9-1CE3C39BEE73}: [DhcpNameServer] 212.96.160.7 212.96.161.6
Tcpip\..\Interfaces\{67DFB584-BFBB-40B2-B7F8-DF9C30512552}: [DhcpNameServer] 212.96.160.6 212.96.161.7
Tcpip\..\Interfaces\{B26C9018-F5F4-4EAF-9914-055B35775648}: [NameServer] 192.168.202.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1897870398-3820753920-757805072-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&r ... d=ie7&rlz=
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-11-10] (McAfee, LLC -> McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-11-10] (McAfee, LLC -> McAfee, Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
DPF: HKLM-x32 {5B84B165-F6DE-4126-B3F8-5EDCD447EFF4} hxxps://212.24.156.6/ext-js/web-pages/portal/SecuExtender.cab

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-11-10]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-02-24] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-02-24] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [File not signed]
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2012-11-02] (Garmin International, Inc. -> GARMIN Corp.)
FF Plugin-x32: @protectdisc.com/NPMPDRM -> C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll [2010-02-03] (Protect Software GmbH -> )
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1897870398-3820753920-757805072-1000: @powerchallenge.com/PowerLoader -> C:\Users\Daldous\AppData\LocalLow\POWERC~1\nppowerloader.dll [2011-03-15] (Power Challenge AB -> Power Challenge Sweden AB)
FF Plugin HKU\S-1-5-21-1897870398-3820753920-757805072-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Daldous\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2018-01-23] (Unity Technologies SF -> Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default [2020-05-24]
CHR Notifications: Default -> hxxps://jrceshop.os.tc; hxxps://www.megaknihy.cz; hxxps://www.varimjakosef.cz; hxxps://www.vyprodejskladu.eu
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "","www.google.com","hxxp://www.google.com/"
CHR Extension: (Dokumenty) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-06]
CHR Extension: (Vyhledávání Google) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-22]
CHR Extension: (Avast Online Security) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-03-01]
CHR Extension: (SearchPreview) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo [2020-03-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-22]
CHR Profile: C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-05-29]
CHR Extension: (Prezentace) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-21]
CHR Extension: (Dokumenty) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-21]
CHR Extension: (Disk Google) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-21]
CHR Extension: (YouTube) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-21]
CHR Extension: (Avast SafePrice) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-12-21]
CHR Extension: (Tabulky) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-21]
CHR Extension: (AdBlock) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-05-21]
CHR Extension: (Avast Online Security) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-05-21]
CHR Extension: (Grammarly for Chrome) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-05-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-05-21]
CHR Extension: (Gmail) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-21]
CHR Extension: (Chrome Media Router) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-21]
CHR Profile: C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\System Profile [2019-05-29]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-1897870398-3820753920-757805072-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6350752 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [348968 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-24] (bookingDesktopApp.) [File not signed]
S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-24] (bookingDesktopApp.) [File not signed]
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [40296 2020-05-13] (IDSA Production signing key -> Intel)
S3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [156008 2020-05-13] (IDSA Production signing key -> Intel)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] (Canon Inc. -> )
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
R2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [774736 2017-09-05] (Lenovo -> Lenovo.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] (Intel Corporation-Mobile Wireless Group -> )
R2 NalServ; C:\Windows\SysWOW64\nalserv.exe [135168 2012-06-29] (Nalpeiron Ltd.) [File not signed]
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2012-06-29] (Nalpeiron LTD -> Nalpeiron Ltd.) [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel Corporation-Mobile Wireless Group -> Intel® Corporation)
R2 ZyWALL SecuExtender Helper; C:\Program Files (x86)\ZyXEL\ZyWALL SecuExtender\SecuExtenderHelper.exe [44928 2014-03-28] (ZyXEL Communications Corporation -> )
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37136 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205880 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [234560 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [178760 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60480 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42784 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175704 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [501472 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109272 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84856 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851592 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460992 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235488 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319120 2020-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2017-06-10] (Tages SA -> )
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-15] (Disc Soft Ltd -> Disc Soft Ltd)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (3am.com(Test) -> HTC, Corporation) [File not signed]
S3 htcnprot; C:\Windows\System32\DRIVERS\htcnprot.sys [36928 2013-10-17] (HTC Corp. -> Windows (R) Win 7 DDK provider)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2017-06-10] (Tages SA -> )
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2005-01-21] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R3 tap0901_zyxel; C:\Windows\System32\DRIVERS\tap0901_zyxel.sys [36408 2014-01-15] (ZyXEL Communications Corporation -> The OpenVPN Project)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-24 19:46 - 2020-05-24 19:48 - 000027928 _____ C:\Users\Daldous\Desktop\FRST.txt
2020-05-24 19:45 - 2020-05-24 19:45 - 002286592 _____ (Farbar) C:\Users\Daldous\Desktop\FRST64.exe
2020-05-24 17:45 - 2020-05-24 17:45 - 000000000 ____D C:\Users\Daldous\Desktop\FRST-OlderVersion
2020-05-24 14:26 - 2020-05-24 14:28 - 000000000 ____D C:\AdwCleaner
2020-05-24 14:25 - 2020-05-24 14:25 - 008196784 _____ (Malwarebytes) C:\Users\Daldous\Desktop\adwcleaner_8.0.4.exe
2020-05-23 15:58 - 2020-05-23 15:58 - 000000835 _____ C:\Users\Daldous\Desktop\Beholder SK.lnk
2020-05-23 15:58 - 2020-05-23 15:58 - 000000835 _____ C:\Users\Daldous\AppData\Roaming\Microsoft\Windows\Start Menu\Beholder SK.lnk
2020-05-23 09:48 - 2020-05-24 19:47 - 000000000 ____D C:\FRST
2020-05-22 17:23 - 2020-05-22 17:23 - 000000000 ____D C:\ProgramData\ByteFence
2020-05-22 13:10 - 2020-05-22 13:08 - 000337560 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-05-22 13:09 - 2020-05-22 13:09 - 000235488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-05-22 13:09 - 2020-05-22 13:09 - 000175704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-05-16 08:45 - 2020-05-16 08:45 - 000001521 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2020-05-01 10:02 - 2020-05-01 10:02 - 000000959 _____ C:\Users\Daldous\Desktop\Dawn of Man CZ.lnk
2020-05-01 10:02 - 2020-05-01 10:02 - 000000959 _____ C:\Users\Daldous\AppData\Roaming\Microsoft\Windows\Start Menu\Dawn of Man CZ.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-24 19:48 - 2009-07-14 06:45 - 000025536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-05-24 19:48 - 2009-07-14 06:45 - 000025536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-05-24 19:42 - 2020-04-16 11:28 - 000002948 _____ C:\Windows\system32\Tasks\{7EDFF45A-2086-4085-94CD-56FB60E3298C}
2020-05-24 19:42 - 2020-04-15 23:13 - 000003166 _____ C:\Windows\system32\Tasks\{D3BCAA59-7DD0-4378-B9EF-688C1A3E135E}
2020-05-24 19:42 - 2020-04-15 22:51 - 000003718 _____ C:\Windows\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2020-05-24 19:42 - 2020-04-15 22:29 - 000003616 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2020-05-24 19:42 - 2020-04-15 22:29 - 000003370 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2020-05-24 19:42 - 2020-02-24 21:50 - 000003440 _____ C:\Windows\system32\Tasks\bookingDesktopAppUpdateTaskMachineUA
2020-05-24 19:42 - 2020-02-24 21:50 - 000003312 _____ C:\Windows\system32\Tasks\bookingDesktopAppUpdateTaskMachineCore
2020-05-24 19:42 - 2018-09-06 17:56 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-05-24 19:42 - 2015-12-03 19:42 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-05-24 19:42 - 2014-12-24 14:08 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-05-24 19:42 - 2013-12-16 23:11 - 000002776 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-05-24 19:42 - 2013-08-30 08:07 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-05-24 19:42 - 2013-08-30 08:07 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-05-24 15:35 - 2020-04-20 21:16 - 000000000 ____D C:\Users\Daldous\Desktop\SKOLA
2020-05-24 14:44 - 2013-08-30 08:14 - 000000000 ____D C:\ProgramData\AVAST Software
2020-05-24 14:29 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-05-23 15:56 - 2020-02-10 21:10 - 000000000 ____D C:\Users\Daldous\AppData\Roaming\uTorrent
2020-05-23 13:27 - 2017-03-17 09:27 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-05-22 17:10 - 2019-10-06 14:46 - 000001158 _____ C:\Users\Public\Desktop\PotPlayer.lnk
2020-05-22 17:10 - 2019-10-06 14:46 - 000001158 _____ C:\ProgramData\Desktop\PotPlayer.lnk
2020-05-22 13:09 - 2020-04-19 18:23 - 000501472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-05-22 13:09 - 2018-10-22 15:32 - 000042784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-05-22 13:09 - 2013-08-30 08:17 - 000460992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-05-22 13:09 - 2013-08-30 08:17 - 000319120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-05-22 13:09 - 2013-08-30 08:17 - 000109272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-05-22 13:09 - 2013-08-30 08:17 - 000084856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-05-22 13:08 - 2019-01-17 16:53 - 000234560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-05-22 13:08 - 2019-01-17 16:53 - 000178760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-05-22 13:08 - 2019-01-17 16:53 - 000060480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-05-22 13:08 - 2019-01-17 16:53 - 000037136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-05-22 13:08 - 2017-11-18 14:41 - 000205880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-05-22 13:08 - 2013-08-30 08:17 - 000851592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-05-19 15:01 - 2016-08-21 22:21 - 000000000 ____D C:\Program Files (x86)\Steam
2020-05-16 08:45 - 2013-10-27 19:47 - 000000000 ____D C:\ProgramData\Package Cache
2020-05-16 08:45 - 2013-08-30 07:43 - 000000000 ____D C:\Program Files (x86)\Intel
2020-05-13 20:27 - 2017-12-19 10:10 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-05-12 22:04 - 2011-04-12 10:34 - 000669116 _____ C:\Windows\system32\perfh005.dat
2020-05-12 22:04 - 2011-04-12 10:34 - 000141744 _____ C:\Windows\system32\perfc005.dat
2020-05-12 22:04 - 2009-07-14 07:13 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2020-05-12 22:04 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-05-09 07:34 - 2016-07-14 18:21 - 000001963 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-05-09 07:34 - 2016-07-14 18:21 - 000001963 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-05-07 08:23 - 2020-04-20 20:34 - 000000000 ____D C:\ProgramData\CanonIJPLM
2020-05-07 07:39 - 2017-10-15 09:34 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-07 07:39 - 2017-10-15 09:34 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-05-07 07:39 - 2017-10-15 09:34 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-05-02 12:15 - 2019-03-05 00:43 - 000000000 ____D C:\Users\Daldous\Documents\DawnOfMan
2020-05-02 11:54 - 2020-04-20 20:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2020-04-27 23:01 - 2020-04-20 20:53 - 000000000 ____D C:\Users\Daldous\AppData\Roaming\Canon

==================== Files in the root of some directories ========

2019-05-13 21:06 - 2019-05-13 21:06 - 000000042 _____ () C:\Users\Daldous\AppData\Roaming\~SiMPLEX.ini
2015-02-09 23:06 - 2015-02-09 23:06 - 000003584 _____ () C:\Users\Daldous\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-04-22 21:19 - 2018-04-22 21:19 - 000029696 _____ () C:\Users\Daldous\AppData\Local\MSGBOX.EXE

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-05-18 11:46
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2020 01
Ran by Daldous (24-05-2020 19:49:19)
Running from C:\Users\Daldous\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-08-29 19:57:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1897870398-3820753920-757805072-500 - Administrator - Disabled)
Daldous (S-1-5-21-1897870398-3820753920-757805072-1000 - Administrator - Enabled) => C:\Users\Daldous
Guest (S-1-5-21-1897870398-3820753920-757805072-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1897870398-3820753920-757805072-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
µTorrent (HKU\S-1-5-21-1897870398-3820753920-757805072-1000\...\uTorrent) (Version: 3.5.5.45505 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.009.20063 - Adobe Systems Incorporated)
Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.3.2405 - Avast Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Beholder SK GoG v.1.6.0.12741 - SK v.1.0 (HKLM-x32\...\Beholder SK GoG v.1.6.0.12741 - SK v.1.0) (Version: GoG v.1.6.0.12741 - SK v.1.0 - Libbi)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.20.55.57 - Broadcom Corporation)
Call of Duty (HKLM-x32\...\Call of Duty) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.0.19 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.3.1.4 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.2.0 - Canon Inc.)
Canon MG3000 series Elektronická příručka (HKLM-x32\...\Canon MG3000 series Elektronická příručka) (Version: 1.3.0 - Canon Inc.)
Canon MG3000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3000_series) (Version: 1.03 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Company of Heroes - Complete Edition (HKLM-x32\...\Company of Heroes - Complete Edition_is1) (Version: - )
Counter-Strike 1.6 (HKLM-x32\...\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}) (Version: 1.6 - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Dawn of Man CZ ALI213 v.1.5.0 - CZ v.1.40 (HKLM-x32\...\Dawn of Man CZ ALI213 v.1.5.0 - CZ v.1.40) (Version: ALI213 v.1.5.0 - CZ v.1.40 - Libbi)
Factorio version 0.16.36 (HKLM\...\Factorio_is1) (Version: - )
Fallout Tactics (HKLM-x32\...\{78A62183-20AB-4333-ACA7-08BDAD9368A3}) (Version: 1.00.000 - Interplay) Hidden
Fallout Tactics (HKLM-x32\...\InstallShield_{78A62183-20AB-4333-ACA7-08BDAD9368A3}) (Version: 1.00.000 - Interplay)
FreeCommander 2009.02b (HKLM-x32\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)
Garmin Communicator Plugin (HKLM-x32\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{237D687E-9E50-4A30-B810-262764CC491B}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.138 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
CHUCHEL (HKLM-x32\...\1825910123_is1) (Version: 1.0.0 - GOG.com)
Intel Driver && Support Assistant (HKLM-x32\...\{06626F51-076E-4195-B040-1EAB58735E21}) (Version: 20.5.20.3 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{A9133872-C9FE-45CC-8F01-D1947B0F09EA}) (Version: 2.4.04755 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{51daa996-b36e-4097-9cc0-dda4869e52c6}) (Version: 20.5.20.3 - Intel)
Intel® Chipset Device Software (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 8 Update 251 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
LAV Filters 0.70.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.70.1 - Hendrik Leppkes)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.00.02 - )
Machinarium (HKLM-x32\...\Machinarium) (Version: CZ/14.02.2010 - Amanita Design, s.r.o.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.101 - McAfee, LLC.)
Microsoft .NET Framework 4.7.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 x64 Additional Runtime - 14.12.25711 (HKLM\...\{7D02C46E-2953-3EB1-A5D5-7943C9D7684F}) (Version: 14.12.25711 - Microsoft Corporation)
Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.12.25711 (HKLM\...\{043D5787-5988-3DE2-928D-3B6A75E2126E}) (Version: 14.12.25711 - Microsoft Corporation)
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.12.25711 (HKLM-x32\...\{8FDCF95F-4756-34F4-9DA2-D708E7FAC504}) (Version: 14.12.25711 - Microsoft Corporation)
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.12.25711 (HKLM-x32\...\{6E894015-A182-3C1E-A7D2-3032CB2E1D43}) (Version: 14.12.25711 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{FD9D64F4-CAF5-3D23-845A-B843C78CC1A5}) (Version: 10.0.60830 - Microsoft Corporation)
Microsoft WSE 2.0 SP3 Runtime (HKLM-x32\...\{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}) (Version: 2.0.5050.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mount and Blade: Warband (HKLM-x32\...\1207666913_is1) (Version: 2.036 (1.173) 30-07-2018 - GOG.com)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9 - Notepad++ Team)
NVIDIA GAME System Software 2.8.1 (HKLM-x32\...\{4F0C7CCF-5666-474B-B02E-AC514A95EC93}) (Version: 2.8.1 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
Open XML SDK 2.0 for Microsoft Office (HKLM-x32\...\{171D8D76-3F05-455A-A8AF-C561C2679905}) (Version: 2.0.5022 - Microsoft Corporation)
Paradox Launcher v2 (HKLM\...\{F0072197-FCF6-41BF-9D38-832B145922DC}) (Version: 2.0.0.0 - Paradox Interactive)
PotPlayer (HKLM-x32\...\PotPlayer) (Version: 200513 - Kakao Corp.)
Power Challenge Game Plugin (HKU\S-1-5-21-1897870398-3820753920-757805072-1000\...\Power Loader) (Version: - )
Railroad Tycoon II - Platinum (HKLM-x32\...\{BED27751-CD2A-4C2F-9813-00B9B60C76FE}) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Registrace uživatele zařízení Canon MG3000 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG3000 series) (Version: - ‭Canon Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games)
Sid Meier's Civilization IV Colonization (HKLM-x32\...\{EF36A836-BF89-4A4F-B079-057B0C68C1E0}) (Version: 1.00 - Firaxis Games)
Software Intel® PROSet/Wireless WiFi (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)
Stardew Valley (HKLM-x32\...\1453375253_is1) (Version: 2.6.0.8 - GOG.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
ThinkPad Wireless LAN Adapter Software (HKLM-x32\...\{9D3D2C60-A55F-4fed-B2B9-17311226DF01}) (Version: 1.00.0031.1 - REALTEK Semiconductor Corp.)
Unity Web Player (HKU\S-1-5-21-1897870398-3820753920-757805072-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unreal Tournament G.O.T.Y. Edition (HKLM-x32\...\UnrealTournament) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 26.1 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
ZyWALL SecuExtender (HKLM-x32\...\{644421AA-C633-4508-AC2C-0EA631C165E6}) (Version: 3.0.20.0 - ZyXEL Communications Corp.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-22] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2011-04-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-02-21] (Notepad++ -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2011-04-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-22] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2020-02-24 21:50 - 2020-02-24 21:50 - 001743360 ____T (bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\bookingDesktopApppdate.dll
2020-04-20 20:41 - 2015-06-17 16:01 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_CSY.DLL
2020-04-20 20:41 - 2015-06-17 16:00 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2018-04-26 18:32 - 2013-09-17 16:47 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2012-02-26 04:19 - 2012-02-26 04:19 - 000168448 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
2012-02-26 04:20 - 2012-02-26 04:20 - 000284160 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
2012-02-26 04:20 - 2012-02-26 04:20 - 003280896 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll
2012-02-26 04:18 - 2012-02-26 04:18 - 000102400 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\DbEngine.dll
2012-02-26 04:22 - 2012-02-26 04:22 - 000104448 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
2012-02-26 04:21 - 2012-02-26 04:21 - 000054272 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\iWMSProv.dll
2012-02-26 04:26 - 2012-02-26 04:26 - 000545792 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
2012-02-26 04:30 - 2012-02-26 04:30 - 000325120 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\panihvint.dll
2012-02-26 04:24 - 2012-02-26 04:24 - 001051136 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
2012-02-26 04:30 - 2012-02-26 04:30 - 000178176 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\Ps7ZCfgS.dll
2012-02-26 04:18 - 2012-02-26 04:18 - 000020992 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
2018-06-09 14:03 - 2018-06-09 14:03 - 000796672 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_88dcc0bf2fb1b808\MSVCR80.dll
2012-02-26 03:38 - 2012-02-26 03:38 - 001830912 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:netNLSPreferences [0]
AlternateDataStreams: C:\Windows:nlsPreferences [0]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2020-05-22 20:35 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Common Files\Intel\WirelessCommon;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
HKU\S-1-5-21-1897870398-3820753920-757805072-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Daldous\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 212.96.160.6 - 212.96.161.7
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3276BC8C-F477-413A-A386-403B8B9112B9}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [TCP Query User{D8F698D8-246A-4383-8525-C130B9448805}C:\program files (x86)\call of duty\codmp.exe] => (Allow) C:\program files (x86)\call of duty\codmp.exe () [File not signed]
FirewallRules: [UDP Query User{ABC5A62D-539E-4326-AB97-26ECE174FBD3}C:\program files (x86)\call of duty\codmp.exe] => (Allow) C:\program files (x86)\call of duty\codmp.exe () [File not signed]
FirewallRules: [TCP Query User{7B6384D9-0EDD-444C-A0DB-7FDBCCB7A3F3}C:\program files (x86)\call of duty\codmp.exe] => (Allow) C:\program files (x86)\call of duty\codmp.exe () [File not signed]
FirewallRules: [UDP Query User{6D34E425-4485-461A-B6B0-24D3D87943FC}C:\program files (x86)\call of duty\codmp.exe] => (Allow) C:\program files (x86)\call of duty\codmp.exe () [File not signed]
FirewallRules: [TCP Query User{6355C514-E5C8-480D-A11B-2BCD87B2CF51}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{BEC17AB7-689E-4FA5-8ACC-1FD4D06A8BE5}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{49EB036B-71EF-4341-B974-D5337C069C9A}C:\users\daldous\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\daldous\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{B3A5C1E6-75AF-4D5A-BF32-7F479D25B86B}C:\users\daldous\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\daldous\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{85B6B8FB-C2F1-4475-8B81-FBAF057A3940}] => (Allow) C:\Users\Daldous\AppData\Roaming\uTorrent\uTorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{6AD3BDA3-3F45-49DF-8449-500D8643BB2E}] => (Allow) C:\Users\Daldous\AppData\Roaming\uTorrent\uTorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{47AA4F92-3CDB-45DC-9077-AD8D49201AF7}C:\unrealtournament\system\unrealtournament.exe] => (Block) C:\unrealtournament\system\unrealtournament.exe () [File not signed]
FirewallRules: [UDP Query User{302BC98B-A8A0-4874-B9E3-A34C3AF76A87}C:\unrealtournament\system\unrealtournament.exe] => (Block) C:\unrealtournament\system\unrealtournament.exe () [File not signed]
FirewallRules: [{4C60C5D7-C112-4C3C-BA8A-25CC384C1726}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0E13BECE-0EE9-41EA-A476-90EECF96E91B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{AFF06221-4254-4C35-BDD4-2AA2242AE6B4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{07A901A1-B187-45E8-81D6-8CFF12CF67FB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{50293D52-673E-408F-A9A1-361F252B1E1F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{929C34F4-2A1A-4F4E-B746-71BF02AF1D20}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [TCP Query User{9FE6B1C1-5935-4867-A642-BE1328445F69}C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe] => (Allow) C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe => No File
FirewallRules: [UDP Query User{A63A77E5-3036-4074-8B77-571DE54C15C3}C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe] => (Allow) C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe => No File
FirewallRules: [TCP Query User{E4838F88-BD7F-4141-A967-50B5E1931D06}C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe] => (Allow) C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe (The build server will stamp this field) [File not signed]
FirewallRules: [UDP Query User{B90CF693-96C5-4FD5-AA29-FE8D1874DA96}C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe] => (Allow) C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe (The build server will stamp this field) [File not signed]
FirewallRules: [TCP Query User{2CFA9237-C7D9-4482-B34F-F2EEA9313070}C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe] => (Allow) C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe => No File
FirewallRules: [UDP Query User{B948267A-0B53-47DA-BF05-C3752CD5D088}C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe] => (Allow) C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe => No File
FirewallRules: [{94236AF8-F1BE-40F7-9273-170391188A2C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{A6B25143-9506-4195-979F-A70E95753B4C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{606D2C99-F258-4A54-A539-2A00771A50D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe (© 2001-2004 Atari Inc.) [File not signed]
FirewallRules: [{1665C564-19E8-41DF-83B0-DEFEA1B846AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe (© 2001-2004 Atari Inc.) [File not signed]
FirewallRules: [TCP Query User{0B83AD62-86C3-4EE1-A5BC-56F3EFE20683}G:\hry\beholder.update.02.04.2018\beholder\beholder.exe] => (Allow) G:\hry\beholder.update.02.04.2018\beholder\beholder.exe => No File
FirewallRules: [UDP Query User{4185BCE3-9878-485E-8329-B92FE1D0A3FD}G:\hry\beholder.update.02.04.2018\beholder\beholder.exe] => (Allow) G:\hry\beholder.update.02.04.2018\beholder\beholder.exe => No File
FirewallRules: [TCP Query User{8E2592E2-14C3-4C0D-9B3B-23D421D7119E}G:\hry\rimworld.v1.0.1954\rimworld\rimworldwin64.exe] => (Allow) G:\hry\rimworld.v1.0.1954\rimworld\rimworldwin64.exe => No File
FirewallRules: [UDP Query User{BA59A845-A967-4874-A27E-6210110C54CF}G:\hry\rimworld.v1.0.1954\rimworld\rimworldwin64.exe] => (Allow) G:\hry\rimworld.v1.0.1954\rimworld\rimworldwin64.exe => No File
FirewallRules: [{5B900344-9566-4AB9-B584-60B953E5BAFD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{5C25E32A-C9D3-4A1D-A21F-D6E5113AEDC5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{597E636A-AB73-4D18-BE6C-CBBBEBFBB36C}] => (Allow) C:\Program Files (x86)\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe (Take-Two Interactive Software, Inc. -> Firaxis Games)
FirewallRules: [{D15E0D44-21FE-4F26-AE9E-37DD76E0BA5E}] => (Allow) C:\Program Files (x86)\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe (Take-Two Interactive Software, Inc. -> Firaxis Games)
FirewallRules: [TCP Query User{8DC4CCF3-03F9-44D9-B887-94D2851FDC73}C:\users\daldous\downloads\daikatanadm\katanadm.exe] => (Allow) C:\users\daldous\downloads\daikatanadm\katanadm.exe () [File not signed]
FirewallRules: [UDP Query User{EDE02249-031A-4DB1-9F67-47E9194EC38B}C:\users\daldous\downloads\daikatanadm\katanadm.exe] => (Allow) C:\users\daldous\downloads\daikatanadm\katanadm.exe () [File not signed]
FirewallRules: [{1A16309C-B1C9-4EE0-9B2C-0A60695EFBB3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FB940F11-9F7A-4F72-BC87-AF3ADD234043}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{FFE9CCC9-ECC7-4FFD-9F6A-15A5AFD02908}C:\users\daldous\desktop\quake 3 arena\quake3.exe] => (Block) C:\users\daldous\desktop\quake 3 arena\quake3.exe => No File
FirewallRules: [UDP Query User{C581EE3C-EC43-433A-BA11-D97837901D54}C:\users\daldous\desktop\quake 3 arena\quake3.exe] => (Block) C:\users\daldous\desktop\quake 3 arena\quake3.exe => No File
FirewallRules: [TCP Query User{D8796889-39CA-4672-B745-715B8AD96CC9}C:\users\daldous\desktop\warcraft iii\war3.exe] => (Allow) C:\users\daldous\desktop\warcraft iii\war3.exe => No File
FirewallRules: [UDP Query User{EA4E089A-A59A-4833-8265-CA76104D584D}C:\users\daldous\desktop\warcraft iii\war3.exe] => (Allow) C:\users\daldous\desktop\warcraft iii\war3.exe => No File
FirewallRules: [TCP Query User{9AD3CC7B-DD83-45AF-B2EB-F75A407D96A4}C:\users\daldous\desktop\daikatanadm\katanadm.exe] => (Allow) C:\users\daldous\desktop\daikatanadm\katanadm.exe => No File
FirewallRules: [UDP Query User{36BDA6C3-3CB0-415B-BF81-C2306ACFBD34}C:\users\daldous\desktop\daikatanadm\katanadm.exe] => (Allow) C:\users\daldous\desktop\daikatanadm\katanadm.exe => No File
FirewallRules: [{53EA4795-32A2-4894-9FD4-4985F0B0ED34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Launcher\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{E0532C51-EBBB-4B76-928A-EB2580DFFBF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Launcher\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{DFD64786-D002-45A1-90E1-6371B6ADB360}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [{BF409CC6-7AED-45AC-9484-BCB44C22AA8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [{9D9F65C3-AE30-414D-8BCC-DDEFB8719654}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

07-05-2020 14:17:57 Naplánovaný kontrolní bod
15-05-2020 11:13:56 Naplánovaný kontrolní bod
16-05-2020 08:42:27 Intel® Driver & Support Assistant
23-05-2020 11:29:01 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: BCM43142A0
Description: BCM43142A0
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: E:\
Description: Card Reader
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Multiple
Service: WUDFRd
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: ========================

Application errors:
==================
Error: (05/24/2020 02:30:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/23/2020 01:25:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/22/2020 08:30:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/22/2020 01:04:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/16/2020 08:44:46 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: DSAService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.NullReferenceException
na Intel.DSA.CommonCore.Controllers.LoggingBaseClass.TraceMethodStart(System.Type, System.String, System.String)
na DSARestService.RestHttpListener.StopListening()
na DSARestService.RestHttpListener.Finalize()

Error: (05/16/2020 08:30:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/12/2020 11:59:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ZeroConfigService.exe, verze: 15.1.0.2, časové razítko: 0x4f4a262d
Název chybujícího modulu: MurocApi.dll, verze: 15.1.0.1, časové razítko: 0x4f4a2503
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002084b
ID chybujícího procesu: 0xb10
Čas spuštění chybující aplikace: 0x01d62843eabd5641
Cesta k chybující aplikaci: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
Cesta k chybujícímu modulu: C:\Program Files\Intel\WiFi\bin\MurocApi.dll
ID zprávy: 3623dcd5-9437-11ea-956a-3c970e9dbfa4

Error: (05/12/2020 11:58:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (05/24/2020 06:59:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 6krát.

Error: (05/24/2020 05:59:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 5krát.

Error: (05/24/2020 04:11:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 4krát.

Error: (05/24/2020 02:56:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 3krát.

Error: (05/24/2020 02:40:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 2krát.

Error: (05/24/2020 02:33:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/24/2020 02:33:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Search bylo dosaženo časového limitu (30000 ms).

Error: (05/24/2020 02:33:15 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Služba DCOM zjistila chybu %%1053 = Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas. při pokusu o spuštění služby WSearch s argumenty za účelem spuštění serveru:
{9E175B6D-F52A-11D8-B9A5-505054503030}


Windows Defender:
===================================
Date: 2015-07-20 06:42:38.108
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{1945B44B-5AE2-4ECB-B4CC-CC3E939B7051}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2014-06-23 21:43:14.728
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

CodeIntegrity:
===================================

Date: 2016-09-08 18:05:59.242
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 18:05:59.055
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 17:56:05.694
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 17:56:05.523
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-31 21:57:30.663
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-31 21:57:30.336
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-22 15:58:20.936
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-22 15:58:20.718
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: LENOVO H9ET73WW(1.10) 04/09/2013
Motherboard: LENOVO 20206
Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Percentage of memory in use: 74%
Total physical RAM: 3673.36 MB
Available physical RAM: 922 MB
Total Virtual: 7344.9 MB
Available Virtual: 4303.92 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:235.49 GB) (Free:133.09 GB) NTFS
Drive g: (Nový svazek) (Fixed) (Total:229.27 GB) (Free:47.83 GB) NTFS
Drive n: () (CDROM) (Total:3.08 GB) (Free:0 GB) CDFS

\\?\Volume{fb46e9ad-10e3-11e3-abb0-806e6f6e6963}\ (LENOVO_DOS) (Fixed) (Total:1 GB) (Free:0.98 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 5AD204DE)
Partition 1: (Active) - (Size=1 GB) - (Type=0B)
Partition 2: (Not Active) - (Size=235.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=229.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#8 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {119FF0B0-85ED-4155-9A8B-BE6A749BF9BF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {3BB21976-39B0-4A96-A4C5-26DE6C2CE2C6} - System32\Tasks\{D3BCAA59-7DD0-4378-B9EF-688C1A3E135E} => C:\Windows\system32\pcalua.exe -a "C:\Users\Daldous\Desktop\win64_15.33.48.5069 (1).exe" -d C:\Users\Daldous\Desktop
Task: {DB4F5D94-C477-4CC7-862B-B2ECD67440AF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
C:\Windows\system32\Tasks\{7EDFF45A-2086-4085-94CD-56FB60E3298C}
C:\Windows\system32\Tasks\{D3BCAA59-7DD0-4378-B9EF-688C1A3E135E}
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Daldous\AppData\Roaming\~SiMPLEX.ini
C:\Users\Daldous\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
AlternateDataStreams: C:\Windows:netNLSPreferences [0]
AlternateDataStreams: C:\Windows:nlsPreferences [0]
FirewallRules: [TCP Query User{9FE6B1C1-5935-4867-A642-BE1328445F69}C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe] => (Allow) C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe => No File
FirewallRules: [UDP Query User{A63A77E5-3036-4074-8B77-571DE54C15C3}C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe] => (Allow) C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe => No File
FirewallRules: [TCP Query User{2CFA9237-C7D9-4482-B34F-F2EEA9313070}C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe] => (Allow) C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe => No File
FirewallRules: [UDP Query User{B948267A-0B53-47DA-BF05-C3752CD5D088}C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe] => (Allow) C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe => No File
FirewallRules: [{94236AF8-F1BE-40F7-9273-170391188A2C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{A6B25143-9506-4195-979F-A70E95753B4C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{0B83AD62-86C3-4EE1-A5BC-56F3EFE20683}G:\hry\beholder.update.02.04.2018\beholder\beholder.exe] => (Allow) G:\hry\beholder.update.02.04.2018\beholder\beholder.exe => No File
FirewallRules: [UDP Query User{4185BCE3-9878-485E-8329-B92FE1D0A3FD}G:\hry\beholder.update.02.04.2018\beholder\beholder.exe] => (Allow) G:\hry\beholder.update.02.04.2018\beholder\beholder.exe => No File
FirewallRules: [TCP Query User{8E2592E2-14C3-4C0D-9B3B-23D421D7119E}G:\hry\rimworld.v1.0.1954\rimworld\rimworldwin64.exe] => (Allow) G:\hry\rimworld.v1.0.1954\rimworld\rimworldwin64.exe => No File
FirewallRules: [UDP Query User{BA59A845-A967-4874-A27E-6210110C54CF}G:\hry\rimworld.v1.0.1954\rimworld\rimworldwin64.exe] => (Allow) G:\hry\rimworld.v1.0.1954\rimworld\rimworldwin64.exe => No File
FirewallRules: [TCP Query User{FFE9CCC9-ECC7-4FFD-9F6A-15A5AFD02908}C:\users\daldous\desktop\quake 3 arena\quake3.exe] => (Block) C:\users\daldous\desktop\quake 3 arena\quake3.exe => No File
FirewallRules: [UDP Query User{C581EE3C-EC43-433A-BA11-D97837901D54}C:\users\daldous\desktop\quake 3 arena\quake3.exe] => (Block) C:\users\daldous\desktop\quake 3 arena\quake3.exe => No File
FirewallRules: [TCP Query User{D8796889-39CA-4672-B745-715B8AD96CC9}C:\users\daldous\desktop\warcraft iii\war3.exe] => (Allow) C:\users\daldous\desktop\warcraft iii\war3.exe => No File
FirewallRules: [UDP Query User{EA4E089A-A59A-4833-8265-CA76104D584D}C:\users\daldous\desktop\warcraft iii\war3.exe] => (Allow) C:\users\daldous\desktop\warcraft iii\war3.exe => No File
FirewallRules: [TCP Query User{9AD3CC7B-DD83-45AF-B2EB-F75A407D96A4}C:\users\daldous\desktop\daikatanadm\katanadm.exe] => (Allow) C:\users\daldous\desktop\daikatanadm\katanadm.exe => No File
FirewallRules: [UDP Query User{36BDA6C3-3CB0-415B-BF81-C2306ACFBD34}C:\users\daldous\desktop\daikatanadm\katanadm.exe] => (Allow) C:\users\daldous\desktop\daikatanadm\katanadm.exe => No File

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

daldous
Visitor
Posts: 52
Registered: 12 Nov 2006 09:56

Re: Please check my log

#9 Post by daldous »

Fix result of Farbar Recovery Scan Tool (x64) Version: 24-05-2020 01
Ran by Daldous (24-05-2020 20:03:19) Run:1
Running from C:\Users\Daldous\Desktop
Loaded Profiles: Daldous
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {119FF0B0-85ED-4155-9A8B-BE6A749BF9BF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {3BB21976-39B0-4A96-A4C5-26DE6C2CE2C6} - System32\Tasks\{D3BCAA59-7DD0-4378-B9EF-688C1A3E135E} => C:\Windows\system32\pcalua.exe -a "C:\Users\Daldous\Desktop\win64_15.33.48.5069 (1).exe" -d C:\Users\Daldous\Desktop
Task: {DB4F5D94-C477-4CC7-862B-B2ECD67440AF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
C:\Windows\system32\Tasks\{7EDFF45A-2086-4085-94CD-56FB60E3298C}
C:\Windows\system32\Tasks\{D3BCAA59-7DD0-4378-B9EF-688C1A3E135E}
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Daldous\AppData\Roaming\~SiMPLEX.ini
C:\Users\Daldous\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
AlternateDataStreams: C:\Windows:netNLSPreferences [0]
AlternateDataStreams: C:\Windows:nlsPreferences [0]
FirewallRules: [TCP Query User{9FE6B1C1-5935-4867-A642-BE1328445F69}C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe] => (Allow) C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe => No File
FirewallRules: [UDP Query User{A63A77E5-3036-4074-8B77-571DE54C15C3}C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe] => (Allow) C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe => No File
FirewallRules: [TCP Query User{2CFA9237-C7D9-4482-B34F-F2EEA9313070}C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe] => (Allow) C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe => No File
FirewallRules: [UDP Query User{B948267A-0B53-47DA-BF05-C3752CD5D088}C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe] => (Allow) C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe => No File
FirewallRules: [{94236AF8-F1BE-40F7-9273-170391188A2C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{A6B25143-9506-4195-979F-A70E95753B4C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{0B83AD62-86C3-4EE1-A5BC-56F3EFE20683}G:\hry\beholder.update.02.04.2018\beholder\beholder.exe] => (Allow) G:\hry\beholder.update.02.04.2018\beholder\beholder.exe => No File
FirewallRules: [UDP Query User{4185BCE3-9878-485E-8329-B92FE1D0A3FD}G:\hry\beholder.update.02.04.2018\beholder\beholder.exe] => (Allow) G:\hry\beholder.update.02.04.2018\beholder\beholder.exe => No File
FirewallRules: [TCP Query User{8E2592E2-14C3-4C0D-9B3B-23D421D7119E}G:\hry\rimworld.v1.0.1954\rimworld\rimworldwin64.exe] => (Allow) G:\hry\rimworld.v1.0.1954\rimworld\rimworldwin64.exe => No File
FirewallRules: [UDP Query User{BA59A845-A967-4874-A27E-6210110C54CF}G:\hry\rimworld.v1.0.1954\rimworld\rimworldwin64.exe] => (Allow) G:\hry\rimworld.v1.0.1954\rimworld\rimworldwin64.exe => No File
FirewallRules: [TCP Query User{FFE9CCC9-ECC7-4FFD-9F6A-15A5AFD02908}C:\users\daldous\desktop\quake 3 arena\quake3.exe] => (Block) C:\users\daldous\desktop\quake 3 arena\quake3.exe => No File
FirewallRules: [UDP Query User{C581EE3C-EC43-433A-BA11-D97837901D54}C:\users\daldous\desktop\quake 3 arena\quake3.exe] => (Block) C:\users\daldous\desktop\quake 3 arena\quake3.exe => No File
FirewallRules: [TCP Query User{D8796889-39CA-4672-B745-715B8AD96CC9}C:\users\daldous\desktop\warcraft iii\war3.exe] => (Allow) C:\users\daldous\desktop\warcraft iii\war3.exe => No File
FirewallRules: [UDP Query User{EA4E089A-A59A-4833-8265-CA76104D584D}C:\users\daldous\desktop\warcraft iii\war3.exe] => (Allow) C:\users\daldous\desktop\warcraft iii\war3.exe => No File
FirewallRules: [TCP Query User{9AD3CC7B-DD83-45AF-B2EB-F75A407D96A4}C:\users\daldous\desktop\daikatanadm\katanadm.exe] => (Allow) C:\users\daldous\desktop\daikatanadm\katanadm.exe => No File
FirewallRules: [UDP Query User{36BDA6C3-3CB0-415B-BF81-C2306ACFBD34}C:\users\daldous\desktop\daikatanadm\katanadm.exe] => (Allow) C:\users\daldous\desktop\daikatanadm\katanadm.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{119FF0B0-85ED-4155-9A8B-BE6A749BF9BF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{119FF0B0-85ED-4155-9A8B-BE6A749BF9BF}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3BB21976-39B0-4A96-A4C5-26DE6C2CE2C6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BB21976-39B0-4A96-A4C5-26DE6C2CE2C6}" => removed successfully
C:\Windows\System32\Tasks\{D3BCAA59-7DD0-4378-B9EF-688C1A3E135E} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D3BCAA59-7DD0-4378-B9EF-688C1A3E135E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB4F5D94-C477-4CC7-862B-B2ECD67440AF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB4F5D94-C477-4CC7-862B-B2ECD67440AF}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
C:\Windows\system32\Tasks\{7EDFF45A-2086-4085-94CD-56FB60E3298C} => moved successfully
"C:\Windows\system32\Tasks\{D3BCAA59-7DD0-4378-B9EF-688C1A3E135E}" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\Daldous\AppData\Roaming\~SiMPLEX.ini => moved successfully
C:\Users\Daldous\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Windows => ":netNLSPreferences" ADS removed successfully
C:\Windows => ":nlsPreferences" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9FE6B1C1-5935-4867-A642-BE1328445F69}C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A63A77E5-3036-4074-8B77-571DE54C15C3}C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2CFA9237-C7D9-4482-B34F-F2EEA9313070}C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B948267A-0B53-47DA-BF05-C3752CD5D088}C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{94236AF8-F1BE-40F7-9273-170391188A2C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A6B25143-9506-4195-979F-A70E95753B4C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0B83AD62-86C3-4EE1-A5BC-56F3EFE20683}G:\hry\beholder.update.02.04.2018\beholder\beholder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4185BCE3-9878-485E-8329-B92FE1D0A3FD}G:\hry\beholder.update.02.04.2018\beholder\beholder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8E2592E2-14C3-4C0D-9B3B-23D421D7119E}G:\hry\rimworld.v1.0.1954\rimworld\rimworldwin64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BA59A845-A967-4874-A27E-6210110C54CF}G:\hry\rimworld.v1.0.1954\rimworld\rimworldwin64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FFE9CCC9-ECC7-4FFD-9F6A-15A5AFD02908}C:\users\daldous\desktop\quake 3 arena\quake3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C581EE3C-EC43-433A-BA11-D97837901D54}C:\users\daldous\desktop\quake 3 arena\quake3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D8796889-39CA-4672-B745-715B8AD96CC9}C:\users\daldous\desktop\warcraft iii\war3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EA4E089A-A59A-4833-8265-CA76104D584D}C:\users\daldous\desktop\warcraft iii\war3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9AD3CC7B-DD83-45AF-B2EB-F75A407D96A4}C:\users\daldous\desktop\daikatanadm\katanadm.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{36BDA6C3-3CB0-415B-BF81-C2306ACFBD34}C:\users\daldous\desktop\daikatanadm\katanadm.exe" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 45140588 B
Java, Flash, Steam htmlcache => 137911095 B
Windows/system/drivers => 106382599 B
Edge => 0 B
Chrome => 595644986 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 256 B
LocalService => 256 B
NetworkService => 256 B
Daldous => 1917825680 B

RecycleBin => 80174 B
EmptyTemp: => 2.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:07:49 ====

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#10 Post by Rudy »

Deleted, the log is OK now.

daldous
Visitor
Posts: 52
Registered: 12 Nov 2006 09:56

Re: Please check my log

#11 Post by daldous »

Thanks a lot, you guys are awesome.
If that's everything, the thread can be closed.
D.

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#12 Post by Rudy »

That's all from my side. You're welcome! :)