VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Kontrola logu - využití CPU 100%

https://forum.viry.cz:443/viewtopic.php?t=156520

Stránka 3 z 4

Re: Kontrola logu - využití CPU 100%

Napsal: 18 pro 2019 22:19
od flustr
Ano nyní PC již funguje i v normálním režimu.

Provedl jsem nový test s KVRT, který již nic neodhalil.

Problém s využitím CPU na 100 % ovšem stále přetrvává.

Re: Kontrola logu - využití CPU 100%

Napsal: 19 pro 2019 15:27
od Conder
Poprosim o obidva nove logy z FRST. Tiez pozri do spravcu uloh, ci sa zmenili procesy, ktore najviac vytazuju CPU (idealne posli aj screenshot/snimku obrazovky).

Re: Kontrola logu - využití CPU 100%

Napsal: 30 pro 2019 18:16
od flustr
zdravím vás,
nové logy a screenshot níže.
Co se týká běžících programů je to stále stejné.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-12-2019
Ran by M (administrator) on M-PC (Acer, inc. Aspire 7730G) (30-12-2019 18:01:57)
Running from C:\Users\M\Desktop
Loaded Profiles: M (Available Profiles: M)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 7 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\ACER\Mobility Center\MobilityService.exe
() [File not signed] C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
() [File not signed] C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
() [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() [File not signed] C:\Windows\PLFSetI.exe
(Acer Corp.) [File not signed] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(Acer Inc.) [File not signed] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
(Acer Incorporated) [File not signed] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
(Arachnoid Biometrics Identification Group Corp.) [File not signed] C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
(Arachnoid Biometrics Identification Group Corp.) [File not signed] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(CyberLink -> ) [File not signed] C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
(CyberLink -> ) C:\Program Files\Cyberlink\Shared files\RichVideo.exe
(CyberLink Corp.) [File not signed] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(CyberLink) [File not signed] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files\Launch Manager\QtZgAcer.EXE
(DT Soft Ltd -> DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(EGIS TECHNOLOGY INC. -> Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
(EGIS TECHNOLOGY INC. -> Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(NewTech Infosystems, Inc -> ) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
(NewTech Infosystems, Inc -> NewTech InfoSystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
(NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
(Realtek Semiconductor Corp.) [File not signed] C:\Users\M\AppData\Local\Temp\RtkBtMnt.exe
(Synaptics Incorporated -> Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6111232 2008-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1033512 2008-01-18] (Synaptics Incorporated -> Synaptics, Inc.)
HKLM\...\Run: [eDataSecurity Loader] => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [526896 2008-03-04] (EGIS TECHNOLOGY INC. -> Egis Incorporated)
HKLM\...\Run: [eAudio] => C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [544768 2008-03-07] (Acer Incorporated) [File not signed]
HKLM\...\Run: [ePower_DMC] => C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [397312 2008-04-23] (Acer Inc.) [File not signed]
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40048 2007-03-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [BkupTray] => C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [34040 2008-04-06] (NewTech Infosystems, Inc -> )
HKLM\...\Run: [WarReg_PopUp] => C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [303104 2008-01-29] (Acer Incorporated) [File not signed]
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [182808 2008-07-20] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [NvCplDaemon] => C:\Windows\system32\NvCpl.dll [13543968 2008-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] => C:\Windows\system32\NvMcTray.dll [92704 2008-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\QtZgAcer.EXE [821768 2008-07-02] (Dritek System Inc. -> Dritek System Inc.)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2007-10-23] () [File not signed]
HKLM\...\Run: [ZPdtWzdVitaKey MC3000] => C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [3607040 2019-01-20] (Arachnoid Biometrics Identification Group Corp.) [File not signed]
HKLM\...\Run: [ArcadeDeluxeAgent] => C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [147456 2008-05-12] (CyberLink Corp.) [File not signed]
HKLM\...\Run: [CLMLServer] => C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [167936 2008-05-12] (CyberLink) [File not signed]
HKLM\...\Run: [PlayMovie] => C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [167936 2008-05-12] (Acer Corp.) [File not signed]
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [242392 2019-11-10] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-709419016-1147377520-125327568-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd -> DT Soft Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2019-01-21] (Google Inc -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{5ECD2B32-EE53-4D02-8C18-089742CE5065}] -> C:\Program Files\Acer\Acer Bio Protection\CompPtc.dll [2019-01-20] (Arachnoid Biometrics Identification Group Corp.) [File not signed]
Lsa: [Notification Packages] scecli C:\Program Files\Acer\Acer Bio Protection\PwdFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2019-01-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {488B3D63-D490-4CA5-B32D-316793B38CB5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-01-20] (Google Inc -> Google Inc.)
Task: {53D90854-83C2-402C-90D7-22F6B1D7F8E4} - System32\Tasks\Avast Emergency Update => C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe [2762968 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
Task: {A4EA5DEC-D1A3-4CEA-8F18-8F7C1529B29D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-01-20] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Microsoft Windows -> Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 217.144.16.197 217.144.16.199 192.168.1.254
Tcpip\..\Interfaces\{43BD8E87-7A28-43E2-AEE4-22D9B5859752}: [DhcpNameServer] 217.144.16.197 217.144.16.199 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-709419016-1147377520-125327568-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\S-1-5-21-709419016-1147377520-125327568-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... SK832SK833
SearchScopes: HKU\S-1-5-21-709419016-1147377520-125327568-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... SK832SK833
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: ShowBarObj Class -> {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} -> C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-03-04] (EGIS TECHNOLOGY INC. -> Egis)
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-03-04] (EGIS TECHNOLOGY INC. -> Egis Incorporated.)

FireFox:
========
FF ProfilePath: C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\89bh58pq.default [2019-11-12]
FF NetworkProxy: Mozilla\Firefox\Profiles\89bh58pq.default -> type", 0
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-17] (Google LLC -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-17] (Google LLC -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-branding.js [2010-09-14]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-l10n.js [2010-09-14]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox.js [2010-09-14]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\reporter.js [2010-09-14]

Chrome:
=======
CHR Notifications: Default -> hxxps://cz1n.kingdoms.com; hxxps://cz1n.kingdoms.com; hxxps://www.artofzoo.com
CHR Profile: C:\Users\M\AppData\Local\Google\Chrome\User Data\Default [2019-12-30]
CHR Extension: (Prezentace) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-21]
CHR Extension: (Dokumenty) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-21]
CHR Extension: (Disk Google) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-21]
CHR Extension: (YouTube) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-21]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-12-18]
CHR Extension: (Tabulky) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-22]
CHR Extension: (Avast Online Security) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-10-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-20]
CHR Extension: (Gmail) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AgereModemAudio; C:\Windows\system32\agrsmsvc.exe [13312 2008-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Agere Systems)
R3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [6799632 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [324000 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R2 BUNAgentSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [16384 2008-03-03] (NewTech Infosystems, Inc.) [File not signed]
R2 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [81504 2008-01-16] (CyberLink -> ) [File not signed]
R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-03-21] () [File not signed]
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [860160 2008-10-16] (Intel(R) Corporation) [File not signed]
R2 IGBASVC; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [3471360 2019-01-20] () [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes Corporation -> Malwarebytes)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes Corporation -> Malwarebytes)
R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-12-06] () [File not signed]
R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-04] () [File not signed]
R2 nvsvc; C:\Windows\system32\nvvsvc.exe [196608 2008-08-07] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-10-16] (Intel(R) Corporation) [File not signed]
R2 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [272024 2007-01-09] (CyberLink -> )
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AgereSoftModem; C:\Windows\System32\DRIVERS\AGRSM.sys [1202560 2008-02-29] (Microsoft Windows Hardware Compatibility Publisher -> Agere Systems)
R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [43184 2019-01-20] (Dejan Maksimovic -> Alfa Corporation)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167480 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [188976 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [165384 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [284256 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [57904 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [183176 2019-11-10] (AVAST Software s.r.o. -> AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42736 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [135200 2019-11-10] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr.sys [70640 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784552 2019-11-10] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [397984 2019-11-10] (AVAST Software s.r.o. -> AVAST Software)
S3 aswStmXP; C:\Windows\System32\drivers\aswStmXP.sys [146584 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310200 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [146688 2008-04-25] (AuthenTec, Inc. -> AuthenTec, Inc.)
R3 b57nd60x; C:\Windows\System32\DRIVERS\b57nd60x.sys [210432 2008-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
S3 btwaudio; C:\Windows\System32\drivers\btwaudio.sys [80424 2008-02-14] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwavdt; C:\Windows\System32\drivers\btwavdt.sys [80936 2007-07-16] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwrchid; C:\Windows\System32\DRIVERS\btwrchid.sys [16168 2007-07-16] (Broadcom Corporation -> Broadcom Corporation.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218688 2019-01-20] (DT Soft Ltd -> DT Soft Ltd)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Microsoft Windows -> Společnost Microsoft)
R2 int15; C:\Windows\system32\drivers\int15.sys [69632 2007-01-26] () [File not signed]
S4 iteatapi; C:\Windows\system32\drivers\iteatapi.sys [35944 2006-11-02] (Microsoft Windows -> Integrated Technology Express, Inc.)
S4 iteraid; C:\Windows\system32\drivers\iteraid.sys [35944 2006-11-02] (Microsoft Windows -> Integrated Technology Express, Inc.)
R3 JMCR; C:\Windows\System32\DRIVERS\jmcr.sys [81296 2008-04-21] (Contoso.com(Test) -> JMicron Technology Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2019-12-18] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation -> Malwarebytes Corporation)
S4 Mraid35x; C:\Windows\system32\drivers\mraid35x.sys [33384 2006-11-02] (Microsoft Windows -> LSI Logic Corporation)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1083880 2009-04-11] (Microsoft Windows -> Společnost Microsoft)
R2 NTIPPKernel; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [122368 2008-01-16] (Cyberlink Corp.) [File not signed]
S4 ntrigdigi; C:\Windows\system32\drivers\ntrigdigi.sys [20608 2006-11-02] (Microsoft Windows -> N-trig Innovative Technologies)
R3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [7545824 2008-08-07] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S4 uliahci; C:\Windows\system32\drivers\uliahci.sys [238648 2008-01-21] (Microsoft Windows -> ULi Electronics Inc.)
S4 UlSata; C:\Windows\system32\drivers\ulsata.sys [98408 2006-11-02] (Microsoft Windows -> Promise Technology, Inc.)
S4 ulsata2; C:\Windows\system32\drivers\ulsata2.sys [115816 2008-01-21] (Microsoft Windows -> Promise Technology, Inc.)
R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2007-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Winbond Electronics Corporation)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [61424 2008-05-09] (CyberLink -> Cyberlink Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-30 18:01 - 2019-12-30 18:04 - 000023943 _____ C:\Users\M\Desktop\FRST.txt
2019-12-30 18:01 - 2019-12-30 18:00 - 002000896 _____ (Farbar) C:\Users\M\Desktop\FRST (1).exe
2019-12-30 18:00 - 2019-12-30 18:00 - 002000896 _____ (Farbar) C:\Users\M\Downloads\FRST (1).exe
2019-12-18 18:17 - 2019-12-18 18:16 - 178918840 _____ (AO Kaspersky Lab) C:\Users\M\Desktop\KVRT (1).exe
2019-12-18 18:15 - 2019-12-18 18:16 - 178918840 _____ (AO Kaspersky Lab) C:\Users\M\Downloads\KVRT (1).exe
2019-12-17 19:23 - 2019-12-17 19:23 - 000751782 _____ C:\Users\M\Downloads\Zmluva o postúpení pohľadávok č. 295-2016 - text.pdf
2019-12-17 19:02 - 2019-12-17 19:02 - 000117684 _____ C:\TDSSKiller.3.1.0.28_17.12.2019_18.33.02_log.rar
2019-12-17 19:02 - 2019-12-17 19:02 - 000000000 ____D C:\Users\M\AppData\Roaming\WinRAR
2019-12-17 19:01 - 2019-12-17 19:01 - 003122424 _____ C:\Users\M\Downloads\wrar571cz.exe
2019-12-17 19:01 - 2019-12-17 19:01 - 000000000 ____D C:\Users\M\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-12-17 19:01 - 2019-12-17 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-12-17 19:01 - 2019-12-17 19:01 - 000000000 ____D C:\Program Files\WinRAR
2019-12-17 18:59 - 2019-12-17 18:59 - 000757248 _____ (WinZip Computing, S.L.) C:\Users\M\Downloads\winzip23-downwz.exe
2019-12-17 18:55 - 2019-12-17 18:55 - 003065880 _____ ( ) C:\Users\M\Downloads\winzip_4120675057.exe
2019-12-17 18:53 - 2019-12-17 18:53 - 000959288 _____ (WinZip Computing) C:\Users\M\Downloads\winzip24-home.exe
2019-12-17 18:53 - 2019-12-17 18:53 - 000000000 ____D C:\ProgramData\UniqueId
2019-12-17 18:51 - 2019-12-17 18:37 - 000722486 _____ C:\Users\M\Desktop\TDSSKiller.3.1.0.28_17.12.2019_18.33.02_log.txt
2019-12-17 18:33 - 2019-12-17 18:37 - 000722486 _____ C:\TDSSKiller.3.1.0.28_17.12.2019_18.33.02_log.txt
2019-12-17 18:30 - 2019-12-17 18:30 - 000004892 _____ C:\TDSSKiller.3.1.0.28_17.12.2019_18.30.11_log.txt
2019-12-17 00:10 - 2019-12-17 00:10 - 000205704 _____ C:\Windows\Minidump\Mini121719-01.dmp
2019-12-16 21:24 - 2019-12-17 00:04 - 000024436 _____ C:\TDSSKiller.3.1.0.28_16.12.2019_21.24.28_log.txt
2019-12-16 21:21 - 2019-12-16 21:22 - 000005630 _____ C:\TDSSKiller.3.1.0.28_16.12.2019_21.21.57_log.txt
2019-12-16 21:21 - 2019-12-16 19:09 - 005054744 _____ (AO Kaspersky Lab) C:\Users\M\Desktop\tdsskiller.exe
2019-12-08 21:25 - 2019-12-08 21:25 - 000000680 _____ C:\Users\M\AppData\Local\d3d9caps.dat

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-30 18:03 - 2019-11-09 23:38 - 000000000 ____D C:\FRST
2019-12-30 17:54 - 2019-01-22 21:53 - 000054377 _____ C:\ProgramData\nvModes.001
2019-12-30 17:52 - 2019-01-20 19:54 - 000000000 _____ C:\Windows\system32\LogConfigTemp.xml
2019-12-30 17:52 - 2006-11-02 14:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-30 17:52 - 2006-11-02 13:47 - 000003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2019-12-30 17:52 - 2006-11-02 13:47 - 000003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2019-12-18 22:48 - 2019-01-20 23:04 - 000000012 _____ C:\Windows\bthservsdp.dat
2019-12-18 22:48 - 2006-11-02 14:01 - 000032568 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-12-18 22:21 - 2019-01-22 21:53 - 000054377 _____ C:\ProgramData\nvModes.dat
2019-12-18 21:46 - 2019-11-26 22:25 - 000170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2019-12-18 18:05 - 2019-01-22 22:03 - 000004170 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2019-12-18 06:11 - 2008-01-21 07:47 - 001418230 _____ C:\Windows\system32\PerfStringBackup.INI
2019-12-18 06:11 - 2008-01-21 07:46 - 000607464 _____ C:\Windows\system32\perfh005.dat
2019-12-18 06:11 - 2008-01-21 07:46 - 000118096 _____ C:\Windows\system32\perfc005.dat
2019-12-18 06:11 - 2006-11-02 12:18 - 000000000 ____D C:\Windows\inf
2019-12-17 00:15 - 2019-01-20 19:35 - 000003376 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-17 00:15 - 2019-01-20 19:35 - 000003248 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-17 00:10 - 2019-11-11 09:20 - 000000000 ____D C:\Windows\Minidump
2019-12-17 00:10 - 2019-11-11 09:19 - 295342402 _____ C:\Windows\MEMORY.DMP
2019-12-16 21:22 - 2019-11-28 21:54 - 001026792 _____ C:\Windows\ntbtlog.txt

==================== Files in the root of some directories ========

2019-12-08 21:25 - 2019-12-08 21:25 - 000000680 _____ () C:\Users\M\AppData\Local\d3d9caps.dat
2019-01-20 21:05 - 2019-04-18 15:04 - 000006144 _____ () C:\Users\M\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-12-30 17:58
==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-12-2019
Ran by M (30-12-2019 18:05:38)
Running from C:\Users\M\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2019-01-20 17:20:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-709419016-1147377520-125327568-500 - Administrator - Disabled)
Guest (S-1-5-21-709419016-1147377520-125327568-501 - Limited - Disabled)
M (S-1-5-21-709419016-1147377520-125327568-1000 - Administrator - Enabled) => C:\Users\M

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3C3813E1-C370-4F32-9639-8B43C7C780CD}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{F67648A4-713E-4298-BBAD-A83D8283B0F3}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{2659571A-3405-4486-B7D8-2F125BC0E3B2}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version: - Microsoft)
Acer Arcade Deluxe (HKLM\...\{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 2.0.5315 - CyberLink Corp.) Hidden
Acer Arcade Deluxe (HKLM\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 2.0.5315 - CyberLink Corp.)
Acer Bio Protection

AAA 6.0.00.13 (HKLM\...\Acer Acer Bio Protection 6.0.00.13) (Version: - )
Acer Crystal Eye Webcam 2.0.8 (HKLM\...\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}) (Version: 2.0.8 - SuYin)
Acer eAudio Management (HKLM\...\{57265292-228A-41FA-9AEC-4620CBCC2739}) (Version: 3.0.3007 - CyberLink Corp.)
Acer eDataSecurity Management (HKLM\...\{A5633652-3795-4829-BB0B-644F0279E279}) (Version: 3.0.3060 - Egis Inc.)
Acer Empowering Technology (HKLM\...\{8F1B6239-FEA0-450A-A950-B05276CE177C}) (Version: 3.0.3006 - Acer Incorporated)
Acer ePower Management (HKLM\...\{58E5844B-7CE2-413D-83D1-99294BF6C74F}) (Version: 3.0.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 3.0.3013 - Acer Incorporated)
Acer eSettings Management (HKLM\...\{13D85C14-2B85-419F-AC41-C7F21E68B25D}) (Version: 3.0.3007 - Acer Incorporated)
Acer GameZone Console 2.0.1.1 (HKLM\...\Acer GameZone Console_is1) (Version: - Oberon Media, Inc.)
Acer GridVista (HKLM\...\GridVista) (Version: 2.72.317 - )
Acer Mobility Center Plug-In (HKLM\...\{11316260-6666-467B-AC34-183FCB5D4335}) (Version: 3.0.3000 - Acer Inc.)
Acer ScreenSaver (HKLM\...\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}) (Version: 1.12.0506 - Acer Incorporated)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}) (Version: 1.0 - Microsoft Corporation) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Adobe Flash Player ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Reader 8.1.0 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A81000000003}) (Version: 8.1.0 - Adobe Systems Incorporated)
Agatha Christie Death on the Nile (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}) (Version: - Oberon Media)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version: - Agere Systems)
Alice Greenfingers (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media)
AuthenTec Fingerprint Sensor Minimum Install (HKLM\...\{31A5ED9F-E07B-4F6E-8179-27325BAAC502}) (Version: 7.10.0.1129 - AuthenTec)
AutoCAD 2009 - český (HKLM\...\{5783F2D7-7001-0405-0002-0060B0CE6BBA}) (Version: 17.2.56.0 - Autodesk) Hidden
AutoCAD 2009 - český (HKLM\...\AutoCAD 2009 - český) (Version: 17.2.56.0 - Autodesk)
Autodesk Design Review 2009 (HKLM\...\{450063AA-643B-417C-8CF5-405BA3F4EF40}) (Version: 9.0.96 - Autodesk, Inc.) Hidden
Autodesk Design Review 2009 (HKLM\...\Autodesk Design Review 2009) (Version: 9.0.96 - Autodesk, Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
AVerMedia A310 (MiniCard, DVB-T) 1.1.0.27 (HKLM\...\AVerMedia A310 (MiniCard, DVB-T)) (Version: 1.1.0.27 - AVerMedia TECHNOLOGIES, Inc.)
Azada (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}) (Version: - Oberon Media)
Backspin Billiards (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}) (Version: - Oberon Media)
Big Kahuna Reef (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}) (Version: - Oberon Media)
Bookworm Deluxe (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110113233}) (Version: - Oberon Media)
Bricks of Egypt (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}) (Version: - Oberon Media)
Broadcom Gigabit Integrated Controller (HKLM\...\{A64A5576-D862-44F8-89DC-2B17FCC9B86E}) (Version: 11.11.03 - Broadcom Corporation)
Cake Mania (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media)
Counter-Strike 1.6 (HKLM\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
Diner Dash Flo on the Go (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}) (Version: - Oberon Media)
eSobi v2 (HKLM\...\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.3.000189 - esobi Inc.) Hidden
eSobi v2 (HKLM\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.3.000189 - esobi Inc.)
Flip Words 2 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112310577}) (Version: - Oberon Media)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.2.183.23 - Google Inc.) Hidden
Chicken Invaders 3 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}) (Version: - Oberon Media)
Chuzzle (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}) (Version: - Oberon Media)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Jewel Quest Solitaire (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}) (Version: - Oberon Media)
JMicron JMB38X Flash Media Controller (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.10.04 - JMicron Technology Corp.)
Kick N Rush (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}) (Version: - Oberon Media)
Launch Manager (HKLM\...\LManager) (Version: - )
LightScribe 1.4.142.1 (HKLM\...\{CE386A4E-D0DA-4208-8235-BCE43275C694}) (Version: 1.4.142.1 - hxxp://www.lightscribe.com) Hidden
Mahjong Escape Ancient China (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}) (Version: - Oberon Media)
Mahjongg Artifacts (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}) (Version: - Oberon Media)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Works (HKLM\...\{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}) (Version: 08.05.0822 - Microsoft Corporation)
Mozilla Firefox (3.6.10) (HKLM\...\Mozilla Firefox (3.6.10)) (Version: 3.6.10 (cs) - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery Case Files - Huntsville (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}) (Version: - Oberon Media)
Mystery Solitaire - Secret Island (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}) (Version: - Oberon Media)
NemExpress (HKLM\...\NemExpress) (Version: NemExpress version 1.11 - PLUTO-OLT spol. s r. o.)
NTI Backup Now 5 (HKLM\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.503 - NewTech Infosystems)
NTI Backup Now Standard (HKLM\...\{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.503 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM\...\{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.2.6322 - Název společnosti:) Hidden
NTI Media Maker 8 (HKLM\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.2.6322 - Název společnosti:)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
Orion (HKLM\...\{5B63A470-9334-44D1-AF61-6CE2DB565AE9}) (Version: 2.0.1 - Convesoft)
PhotoNow! (HKLM\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.4619 - CyberLink Corp.)
PowerDirector (HKLM\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2713 - CyberLink Corp.) Hidden
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2713 - CyberLink Corp.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5612 - Realtek Semiconductor Corp.)
Software Intel(R) PROSet/Wireless WiFi (HKLM\...\{35C0A1E4-D02A-412C-841F-266DBB116ABB}) (Version: 12.02.0000 - Intel(R) Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.2.4.0 - Synaptics)
Turbo Pizza (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}) (Version: - Oberon Media)
Update for Office 2007 (KB946691) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A420F522-7395-4872-9882-C591B4B92278}) (Version: - Microsoft)
VBA (2627.01) (HKLM\...\{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WIDCOMM Bluetooth Software 6.0.1.6300 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.6300 - Broadcom Corporation)
Winbond CIR Device Drivers (HKLM\...\{10F498FF-5392-4DF3-8F73-FE172A9F3800}) (Version: 7.60.1012 - Winbond Electronics Corporation)
WinRAR 5.71 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinZip 12.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}) (Version: 12.0.8252 - WinZip Computing, S.L. )
Zuma Deluxe (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}) (Version: - Oberon Media)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-709419016-1147377520-125327568-1000_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-709419016-1147377520-125327568-1000_Classes\CLSID\{2F1F7574-ECCA-4361-B4DE-C411BF7EEE23}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-709419016-1147377520-125327568-1000_Classes\CLSID\{6AB55F46-2523-4701-A912-B226F46252BA}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-709419016-1147377520-125327568-1000_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-709419016-1147377520-125327568-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2009\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [2008-03-04] (EGIS TECHNOLOGY INC. -> Egis Incorporated)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2008-02-10] (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2008-02-10] (Autodesk, Inc -> Autodesk) [File not signed]
ContextMenuHandlers1: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files\Common Files\Autodesk Shared\DWF Common\DWFShellExtension.dll [2008-01-21] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSshellExt.dll [2008-03-04] (EGIS TECHNOLOGY INC. -> Egis Incorporated.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSshellExt.dll [2008-03-04] (EGIS TECHNOLOGY INC. -> Egis Incorporated.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {A70C977A-BF00-412C-90B7-034C51DA2439} => C:\Windows\system32\nvcpl.dll [2008-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2008-04-14 15:47 - 2007-11-27 14:08 - 000032768 _____ () [File not signed] C:\Acer\Mobility Center\MobilityInterface.dll
2008-05-12 22:11 - 2008-05-12 22:11 - 000753664 ____N () [File not signed] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll
2008-05-12 22:11 - 2008-05-12 22:11 - 000007680 ____N () [File not signed] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll
2019-01-20 19:57 - 2019-01-20 19:57 - 000080896 _____ () [File not signed] C:\Program Files\Acer\Acer Bio Protection\PwdFilter.dll
2008-04-14 15:14 - 2008-03-07 02:35 - 000016384 _____ () [File not signed] C:\Program Files\Acer\Empowering Technology\eAudio\eAudioSrvPlugin.dll
2008-04-14 15:11 - 2008-05-26 14:37 - 000016384 _____ () [File not signed] C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Logger.dll
2008-04-14 15:11 - 2008-05-26 14:39 - 000143360 _____ () [File not signed] C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Model.Computer.dll
2008-04-14 15:11 - 2008-05-26 14:40 - 000016384 _____ () [File not signed] C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.ServicePlugin.dll
2008-04-14 15:11 - 2008-05-26 14:37 - 000036864 _____ () [File not signed] C:\Program Files\Acer\Empowering Technology\Service\eSettings.Model.ComputerInterface.dll
2019-11-10 21:34 - 2019-11-10 21:34 - 048936448 _____ () [File not signed] C:\Program Files\Alwil Software\Avast5\libcef.dll
2008-10-16 16:57 - 2008-10-16 16:57 - 000200704 _____ () [File not signed] C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2008-04-04 01:54 - 2008-04-04 01:54 - 000003072 _____ () [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll
2008-02-28 21:44 - 2008-02-28 21:44 - 001024000 _____ () [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACE.dll
2008-02-28 21:44 - 2008-02-28 21:44 - 000098304 _____ () [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML.dll
2008-02-28 21:44 - 2008-02-28 21:44 - 000061440 _____ () [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML_Parser.dll
2008-02-12 13:12 - 2008-02-12 13:12 - 000126976 _____ () [File not signed] C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2019-01-21 22:04 - 2016-09-06 11:00 - 000147456 _____ () [File not signed] C:\Users\M\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll
2019-01-21 22:04 - 2016-09-06 11:00 - 005197312 _____ () [File not signed] C:\Users\M\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000028672 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3006.0__672b450de5a7e94a\Framework.Host.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000061440 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3006.0__3036420f80dd6947\Framework.Library.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000032768 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Model.Controller\3.0.3006.0__14bcaafdb44b5951\Framework.Model.Controller.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000020480 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3006.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000016384 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3006.0__9ecdf03bb2054f94\Framework.PluginInterface.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000036864 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3006.0__4df5dcab8860d239\Framework.Utility.dll
2008-04-14 15:14 - 2008-04-23 14:58 - 000204800 _____ () [File not signed] C:\Windows\System32\SysHook.dll
2019-01-20 19:56 - 2019-01-20 19:56 - 000208896 _____ (ABIG) [File not signed] C:\Windows\system32\ATSC70PBA.dll
2008-04-14 15:14 - 2008-04-23 14:58 - 000016384 _____ (Acer Inc.) [File not signed] C:\Program Files\Acer\Empowering Technology\ePower\ePowerSrvPlugin.dll
2008-04-14 15:14 - 2008-04-23 14:57 - 000032768 _____ (Acer Inc.) [File not signed] C:\Program Files\Acer\Empowering Technology\ePower\WMIInterface.dll
2008-04-14 15:14 - 2008-04-23 14:57 - 000091648 _____ (Acer Inc.) [File not signed] C:\Program Files\Acer\Empowering Technology\ePower\WMIServiceDLL.dll
2019-01-20 19:54 - 2008-06-04 13:01 - 000057344 _____ (Acer Incorporated) [File not signed] C:\Program Files\Acer\Empowering Technology\eRecovery\eRecovery.RemoteServer.dll
2019-01-20 19:54 - 2008-04-29 09:37 - 000028672 _____ (Acer Incorporated) [File not signed] C:\Program Files\Acer\Empowering Technology\eRecovery\eRecovery.ServicePlugin.dll
2019-01-20 19:53 - 2008-04-29 09:37 - 000016384 _____ (Acer Incorporated) [File not signed] C:\Program Files\Acer\Empowering Technology\Service\eRecovery.RemoteServerInterface.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000569344 _____ (Acer PVL) [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.UIComponent\3.0.3006.0__739b31b1908c49e5\Framework.UIComponent.dll
2008-04-14 15:10 - 2008-03-21 12:22 - 000005120 _____ (acer) [File not signed] C:\Program Files\Acer\Empowering Technology\NotificationCenter\cs\Framework.NotificationCenter.resources.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000020480 _____ (acer) [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Service.Utility\3.0.3006.0__40d56bd2d2a1d6f8\Framework.Service.Utility.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000032768 _____ (acer) [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Utility.CommonFunctions\3.0.3006.0__770d2a375f176870\Framework.Utility.CommonFunctions.dll
2019-01-20 19:57 - 2008-05-19 03:58 - 000666624 _____ (Arachnoid Biometrics Identification Group Corp.) [File not signed] C:\Program Files\Acer\Acer Bio Protection\CustomRes.dll
2019-01-20 19:57 - 2019-01-20 19:57 - 000126976 _____ (Arachnoid Biometrics Identification Group Corp.) [File not signed] C:\Program Files\Acer\Acer Bio Protection\FPLaunchCache.dll
2008-04-22 15:49 - 2008-04-22 15:49 - 001207296 _____ (AuthenTec, Inc.) [File not signed] C:\Windows\system32\ATSC70.DLL
2008-02-10 08:31 - 2008-02-10 08:31 - 000128664 _____ (Autodesk, Inc -> Autodesk) [File not signed] C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll
2008-02-10 08:28 - 2008-02-10 08:28 - 000307352 _____ (Autodesk, Inc -> Autodesk, Inc.) [File not signed] C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll
2008-02-10 08:08 - 2008-02-10 08:08 - 000043160 _____ (Autodesk, Inc -> Autodesk, Inc.) [File not signed] C:\Windows\system32\AcSignIcon.dll
2019-12-30 17:55 - 2019-12-30 17:55 - 006963016 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19122800\algo.dll
2019-12-30 17:55 - 2019-12-30 17:55 - 000342536 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19122800\arPot.dll
2019-12-30 17:55 - 2019-12-30 17:55 - 000261944 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19122800\aswAR.dll
2019-12-30 17:55 - 2019-12-30 17:55 - 000388464 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19122800\aswArray.dll
2019-12-30 17:55 - 2019-12-30 17:55 - 000539848 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19122800\aswCleanerDLL.dll
2019-12-30 17:55 - 2019-12-30 17:55 - 000511944 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19122800\aswCmnBS.dll
2019-12-30 17:55 - 2019-12-30 17:55 - 000436440 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19122800\aswCmnIS.dll
2019-12-30 17:55 - 2019-12-30 17:55 - 000160176 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19122800\aswCmnOS.dll
2019-12-30 17:55 - 2019-12-30 17:55 - 001622360 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19122800\aswEngin.dll
2019-12-30 17:55 - 2019-12-30 17:55 - 000617296 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19122800\aswFiDb.dll
2019-12-30 17:55 - 2019-12-30 17:55 - 000485000 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19122800\aswRawFs.dll
2019-12-30 17:55 - 2019-12-30 17:55 - 000423600 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19122800\aswRep.dll
2019-12-30 17:55 - 2019-12-30 17:55 - 005061752 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19122800\bcuengine.dll
2019-12-30 17:55 - 2019-12-30 17:55 - 002061376 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19122800\swhealthex2.dll
2019-12-30 17:55 - 2019-12-30 17:55 - 000065144 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19122800\uiExt.dll
2019-01-22 22:05 - 2019-01-22 22:05 - 002387776 _____ (AVAST Software s.r.o. -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Alwil Software\Avast5\libcrypto-1_1.dll
2019-01-22 22:05 - 2019-01-22 22:05 - 000512832 _____ (AVAST Software s.r.o. -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Alwil Software\Avast5\libssl-1_1.dll
2008-02-12 12:46 - 2008-02-12 05:46 - 000102400 _____ (Broadcom Corporation.) [File not signed] C:\Program Files\WIDCOMM\Bluetooth Software\BtBalloon.dll
2008-02-12 13:19 - 2008-02-12 13:19 - 000208896 _____ (Broadcom Corporation.) [File not signed] C:\Windows\system32\btmmhook.dll
2008-02-12 12:36 - 2008-02-12 12:36 - 000184320 _____ (Broadcom Corporation.) [File not signed] C:\Windows\system32\btncopy.dll
2008-02-12 12:46 - 2008-02-12 12:46 - 000233472 _____ (Broadcom Corporation.) [File not signed] C:\Windows\system32\btosif.dll
2008-02-12 12:26 - 2008-02-12 12:26 - 005271552 _____ (Broadcom Corporation.) [File not signed] C:\Windows\system32\btrez.dll
2008-02-12 12:31 - 2008-02-12 12:31 - 000602112 _____ (Broadcom Corporation.) [File not signed] C:\Windows\system32\btwapi.dll
2008-02-12 12:58 - 2008-02-12 12:58 - 000393216 _____ (Broadcom Corporation.) [File not signed] C:\Windows\system32\btwhidcs.DLL
2008-05-12 22:11 - 2008-05-12 22:11 - 000047616 ____N (CyberLink Corp.) [File not signed] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\Common\CLRCEngine3.dll
2008-04-14 15:14 - 2008-03-04 12:18 - 000008192 _____ (CyberLink) [File not signed] C:\Program Files\Acer\Empowering Technology\eAudio\Language\CSY\LangCSY.dll
2007-01-17 10:20 - 2007-01-17 10:20 - 000032768 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSLog.dll
2007-01-17 10:20 - 2007-01-17 10:20 - 000081920 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSSProxy.dll
2019-01-20 19:41 - 2008-07-20 17:43 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel Matrix Storage Manager\CSY\IAAMon_CSY.dll
2019-01-20 19:41 - 2008-07-20 17:42 - 000118784 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel Matrix Storage Manager\CSY\PlugInRAID_CSY.dll
2019-01-20 19:41 - 2008-07-20 17:32 - 000204800 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll
2008-10-16 16:54 - 2008-10-16 16:54 - 000655360 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
2008-10-16 16:56 - 2008-10-16 16:56 - 000581632 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
2008-10-16 16:56 - 2008-10-16 16:56 - 000499712 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
2008-10-16 17:07 - 2008-10-16 17:07 - 000864256 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
2008-10-16 16:59 - 2008-10-16 16:59 - 001519616 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
2008-10-16 16:58 - 2008-10-16 16:58 - 000135168 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
2008-10-16 17:05 - 2008-10-16 17:05 - 000987136 _____ (Intel(R) Corporation) [File not signed] C:\Windows\System32\IWMSSvc.dll
2019-01-20 20:01 - 2008-05-09 11:55 - 001060864 ____N (Microsoft Corporation) [File not signed] C:\Program Files\Acer Arcade Deluxe\PlayMovie\MFC71.DLL
2019-01-20 20:01 - 2008-05-09 11:55 - 000499712 ____N (Microsoft Corporation) [File not signed] C:\Program Files\Acer Arcade Deluxe\PlayMovie\MSVCP71.dll
2019-01-20 20:01 - 2008-05-09 11:55 - 000348160 ____N (Microsoft Corporation) [File not signed] C:\Program Files\Acer Arcade Deluxe\PlayMovie\MSVCR71.dll
2008-02-28 21:44 - 2008-02-28 21:44 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\MSVCP71.dll
2008-02-28 21:44 - 2008-02-28 21:44 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\MSVCR71.dll
2008-02-28 21:43 - 2008-02-28 21:43 - 001047552 _____ (Microsoft Corporation) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\MFC71U.DLL
2008-02-28 21:43 - 2008-02-28 21:43 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\MSVCP71.dll
2008-02-28 21:43 - 2008-02-28 21:43 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\MSVCR71.dll
2008-05-12 22:10 - 2008-05-12 22:10 - 001060864 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MFC71.DLL
2008-05-12 22:10 - 2008-05-12 22:10 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MSVCP71.dll
2008-05-12 22:10 - 2008-05-12 22:10 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MSVCR71.dll
2008-04-14 14:45 - 2008-04-14 14:45 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL
2008-04-14 14:45 - 2008-04-14 14:45 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL
2008-04-06 21:23 - 2008-04-06 21:23 - 000376832 _____ (NewTech InfoSystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BKaux.dll
2008-04-04 01:54 - 2008-04-04 01:54 - 000036864 _____ (NewTech InfoSystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BKauxLOC.dll
2008-04-08 05:46 - 2008-04-08 05:46 - 000319488 _____ (NewTech InfoSystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BKImage.dll
2008-04-04 01:54 - 2008-04-04 01:54 - 000036864 _____ (NewTech InfoSystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BKImageLOC.dll
2008-04-04 01:52 - 2008-04-04 01:52 - 000135168 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\CdrMmc32.dll
2008-04-04 02:14 - 2008-04-04 02:14 - 000241664 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Cdrw32.dll
2008-04-04 02:15 - 2008-04-04 02:15 - 000069632 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\CdrwEx32.dll
2008-03-03 12:11 - 2008-03-03 12:11 - 000086016 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\listor.dll
2008-03-03 12:11 - 2008-03-03 12:11 - 000011776 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\locator.dll
2008-04-06 21:22 - 2008-04-06 21:22 - 000159744 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Data32.dll
2008-04-04 01:52 - 2008-04-04 01:52 - 000069632 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Hddrw32.dll
2008-04-04 01:52 - 2008-04-04 01:52 - 000014336 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\ImagFile.dll
2008-04-07 03:52 - 2008-04-07 03:52 - 000065536 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Scd32.dll
2008-04-04 02:03 - 2008-04-04 02:03 - 000009728 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvcLOC.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000270336 _____ (The Apache Software Foundation) [File not signed] C:\Windows\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll
2007-09-06 09:28 - 2007-09-06 09:28 - 001089536 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\04524464.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\35617664.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\74308372.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\04524464.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\35617664.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\74308372.sys => ""="Driver"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-709419016-1147377520-125327568-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2019-12-30 17:54 - 000000075 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-709419016-1147377520-125327568-1000\Control Panel\Desktop\\Wallpaper -> c:\Windows\Web\wallpaper\Acer01.jpg
DNS Servers: 217.144.16.197 - 217.144.16.199
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{25EDAE7F-F1EB-4B8F-BC4F-6A7325166AE3}] => (Allow) C:\Program Files\Cyberlink\PowerDirector\PDR.EXE (CyberLink -> CyberLink Corp.) [File not signed]
FirewallRules: [{83FF83CE-F875-4D7D-A9B5-EE60C20AF335}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe () [File not signed]
FirewallRules: [{E7D0F75B-7A5D-4B64-B9EA-76A99A62111B}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe () [File not signed]
FirewallRules: [{119C3235-7ED9-40B7-97AE-2A871ACA9723}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.) [File not signed]
FirewallRules: [{C06A3F7E-5592-411D-B1D9-A6779F6C9F32}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.) [File not signed]
FirewallRules: [{5C5BF230-09FE-4104-8509-46E87C2BB03F}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech Infosystems, Inc -> NewTech InfoSystems, Inc.)
FirewallRules: [{951A5035-3C8B-4C1A-B988-47DB52A6E2B7}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech Infosystems, Inc -> NewTech InfoSystems, Inc.)
FirewallRules: [{06617333-A7C8-46AE-A905-FC71BC2906B9}] => (Allow) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe (CyberLink -> Acer Incorporated) [File not signed]
FirewallRules: [{9E4B23B2-C371-4B67-B5CF-0106F370AB48}] => (Allow) C:\Program Files\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe (Acer Corp.) [File not signed]
FirewallRules: [{C3E80BD6-698B-4C71-97C0-E5AF6C09730E}] => (Allow) C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.) [File not signed]
FirewallRules: [{F23C0933-600A-47B6-9224-3783F4DC79E5}] => (Allow) C:\Program Files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe (Acer Incorporated) [File not signed]
FirewallRules: [{8DE3D4DB-ADA8-466D-9C24-010343ED9DD6}] => (Allow) LPort=80
FirewallRules: [{C1AC7C97-CE84-4EF6-B061-3F662BA54B7D}] => (Allow) LPort=80
FirewallRules: [{8FB702FF-1FFF-4134-B97C-C1095AFD9A51}] => (Allow) LPort=80
FirewallRules: [{137E2C99-F66D-4BA4-949F-89C3691E3425}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{2EFF4FDC-0A51-4993-83A7-642F62C92788}] => (Allow) C:\Program Files\Steam\Steam.exe No File
FirewallRules: [{71E80469-F3E6-40F7-AEC5-30B6C0412BE8}] => (Allow) C:\Program Files\Steam\Steam.exe No File
FirewallRules: [TCP Query User{93E087E8-1AA3-4F29-9514-572E943B4BED}C:\program files\valve\hl.exe] => (Allow) C:\program files\valve\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{1C0568DD-4400-4BF5-9A4A-DAEF5EB3776C}C:\program files\valve\hl.exe] => (Allow) C:\program files\valve\hl.exe (Valve) [File not signed]
FirewallRules: [{ED36DCE8-C7F5-492D-93FA-A84113BDA029}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{9C94E4AC-8BC4-4E27-9308-0E596F90BC71}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

05-02-2019 22:08:33 avast! antivirus system restore point
10-02-2019 11:56:00 avast! antivirus system restore point
13-02-2019 21:07:45 avast! antivirus system restore point
11-03-2019 23:20:18 avast! antivirus system restore point
12-03-2019 20:59:25 avast! antivirus system restore point
29-03-2019 19:12:03 avast! antivirus system restore point
09-11-2019 18:44:08 Installed Steam
09-11-2019 19:12:39 ??????????? Counter-Strike 1.6
09-11-2019 20:48:12 Removed Steam
09-11-2019 21:05:36 ??????? Counter-Strike 1.6
09-11-2019 21:15:06 ??????????? Counter-Strike 1.6
10-11-2019 20:59:10 avast! antivirus system restore point
10-11-2019 21:09:04 avast! antivirus system restore point
12-11-2019 20:03:14 Restore Point Created by FRST
13-11-2019 19:46:21 Restore Point Created by FRST
23-11-2019 21:36:25 Installed WinZip 12.0

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/30/2019 05:52:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/17/2019 06:32:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/17/2019 06:21:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/17/2019 12:10:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/16/2019 09:24:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/16/2019 09:19:45 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: Systém událostí modelu COM+ zjistil při vnitřním zpracování chybný návratový kód. Hodnota HRESULT byla 8007043c z řádku 45 z d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp. Obraťte se na podporu produktů společnosti Microsoft a informujte je o této chybě.

Error: (12/16/2019 09:14:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/15/2019 02:28:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (12/30/2019 05:52:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswStmXP neuspěla při spuštění v důsledku následující chyby:
Uvedená procedura nebyla nalezena.

Error: (12/18/2019 06:06:06 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby AudioEndpointBuilder bylo dosaženo časového limitu (30000 ms).

Error: (12/17/2019 06:34:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswStmXP neuspěla při spuštění v důsledku následující chyby:
Uvedená procedura nebyla nalezena.

Error: (12/17/2019 06:21:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswStmXP neuspěla při spuštění v důsledku následující chyby:
Uvedená procedura nebyla nalezena.

Error: (12/17/2019 12:11:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswStmXP neuspěla při spuštění v důsledku následující chyby:
Uvedená procedura nebyla nalezena.

Error: (12/17/2019 12:10:25 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (0:06:57, 17.12.2019) bylo neočekávané.

Error: (12/17/2019 12:04:19 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby Eventlog bylo dosaženo časového limitu (30000 ms).

Error: (12/17/2019 12:00:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Stínová kopie svazku neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


CodeIntegrity:
===================================

Date: 2019-12-30 18:04:21.362
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-12-30 18:04:21.228
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-12-30 18:04:21.068
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-12-30 18:04:20.918
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-12-18 06:24:11.413
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-12-18 06:24:09.648
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-12-18 06:24:08.317
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-12-18 06:24:06.062
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: Acer v0.3506 07/22/2008
Motherboard: Acer, Inc. Mammoth
Processor: Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz
Percentage of memory in use: 91%
Total physical RAM: 3065.94 MB
Available physical RAM: 265.07 MB
Total Virtual: 6336.89 MB
Available Virtual: 3034.14 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:144.04 GB) (Free:92.33 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:144.04 GB) (Free:72.08 GB) NTFS

\\?\Volume{c749201a-1cd6-11e9-888f-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:10 GB) (Free:1.41 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 13AEAEC9)
Partition 1: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=144 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=144 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: Kontrola logu - využití CPU 100%

Napsal: 03 led 2020 13:40
od JaRon
jednorazovo zaskocim - je to nejake opustene :)
1. doinstaluj MSIE9 - bez ohladu na to ci ho pouzivas
2. docasne odisntaluj AVAST - a napis ake je CPU zatazenie :???:

Re: Kontrola logu - využití CPU 100%

Napsal: 06 led 2020 18:36
od flustr
Dobrý den,
MSIE 9 jsem nainstaloval a odstranil avast.
V procesech se to tváří jako krok k lepšímu, ale využitelnost PC je stále obdobná = při spuštění programu (např jednoduché PC hry - CS1.6) je CPU na 100% po celou dobu.

Screenshoty s aktuálním stavem - oba dva pouze při spuštění MSIE.

Re: Kontrola logu - využití CPU 100%

Napsal: 06 led 2020 18:38
od flustr
druhy screenshot

Re: Kontrola logu - využití CPU 100%

Napsal: 07 led 2020 07:31
od JaRon
fajn :)
1. skus pohladat cez Windows update aktualizacie
ak najde doinstaluj, ak nenajde vypni automaticky update
2. vycisti PC s CCleanerom vcetne registrov - restart PC
3. vloz aktualne logy FRST pre kolegu

Re: Kontrola logu - využití CPU 100%

Napsal: 09 led 2020 21:44
od flustr
Děkuji, vše provedeno dle instrukcí.

Jen v tuto chvíli není nainstalován žádný antivir.

Nové logy:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-01-2020
Ran by M (administrator) on M-PC (Acer, inc. Aspire 7730G) (09-01-2020 21:37:52)
Running from C:\Users\M\Desktop
Loaded Profiles: M (Available Profiles: M)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\ACER\Mobility Center\MobilityService.exe
() [File not signed] C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
() [File not signed] C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
() [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() [File not signed] C:\Windows\PLFSetI.exe
(Acer Inc.) [File not signed] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
(Acer Incorporated) [File not signed] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
(Arachnoid Biometrics Identification Group Corp.) [File not signed] C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
(Arachnoid Biometrics Identification Group Corp.) [File not signed] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files\Launch Manager\QtZgAcer.EXE
(EGIS TECHNOLOGY INC. -> Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
(EGIS TECHNOLOGY INC. -> Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(NewTech Infosystems, Inc -> ) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
(NewTech Infosystems, Inc -> NewTech InfoSystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
(NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Realtek Semiconductor Corp.) [File not signed] C:\Users\M\AppData\Local\Temp\RtkBtMnt.exe
(Synaptics Incorporated -> Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6111232 2008-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1033512 2008-01-18] (Synaptics Incorporated -> Synaptics, Inc.)
HKLM\...\Run: [eDataSecurity Loader] => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [526896 2008-03-04] (EGIS TECHNOLOGY INC. -> Egis Incorporated)
HKLM\...\Run: [eAudio] => C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [544768 2008-03-07] (Acer Incorporated) [File not signed]
HKLM\...\Run: [ePower_DMC] => C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [397312 2008-04-23] (Acer Inc.) [File not signed]
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40048 2007-03-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [BkupTray] => C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [34040 2008-04-06] (NewTech Infosystems, Inc -> )
HKLM\...\Run: [WarReg_PopUp] => C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [303104 2008-01-29] (Acer Incorporated) [File not signed]
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [182808 2008-07-20] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [NvCplDaemon] => C:\Windows\system32\NvCpl.dll [13543968 2008-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] => C:\Windows\system32\NvMcTray.dll [92704 2008-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\QtZgAcer.EXE [821768 2008-07-02] (Dritek System Inc. -> Dritek System Inc.)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2007-10-23] () [File not signed]
HKLM\...\Run: [ZPdtWzdVitaKey MC3000] => C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [3607040 2019-01-20] (Arachnoid Biometrics Identification Group Corp.) [File not signed]
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-709419016-1147377520-125327568-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2019-01-21] (Google Inc -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{5ECD2B32-EE53-4D02-8C18-089742CE5065}] -> C:\Program Files\Acer\Acer Bio Protection\CompPtc.dll [2019-01-20] (Arachnoid Biometrics Identification Group Corp.) [File not signed]
Lsa: [Notification Packages] scecli C:\Program Files\Acer\Acer Bio Protection\PwdFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2019-01-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {16CC4ED0-D012-4410-81F2-9C08EBBDCDB4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {488B3D63-D490-4CA5-B32D-316793B38CB5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-01-20] (Google Inc -> Google Inc.)
Task: {A4EA5DEC-D1A3-4CEA-8F18-8F7C1529B29D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-01-20] (Google Inc -> Google Inc.)
Task: {BCB332B9-6DEA-4494-80A8-1A60265D5B56} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Microsoft Windows -> Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 217.144.16.197 217.144.16.199 192.168.1.254
Tcpip\..\Interfaces\{43BD8E87-7A28-43E2-AEE4-22D9B5859752}: [DhcpNameServer] 217.144.16.197 217.144.16.199 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-709419016-1147377520-125327568-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?ocid=EIE9HP&PC=UP68
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\S-1-5-21-709419016-1147377520-125327568-1000 -> DefaultScope {105E99FF-8B9A-4492-B155-06194B9056D2} URL = hxxp://www.bing.com/search?FORM=UP68DF&PC=UP68 ... -SearchBox
SearchScopes: HKU\S-1-5-21-709419016-1147377520-125327568-1000 -> {105E99FF-8B9A-4492-B155-06194B9056D2} URL = hxxp://www.bing.com/search?FORM=UP68DF&PC=UP68 ... -SearchBox
SearchScopes: HKU\S-1-5-21-709419016-1147377520-125327568-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... SK832SK833
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: ShowBarObj Class -> {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} -> C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-03-04] (EGIS TECHNOLOGY INC. -> Egis)
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-03-04] (EGIS TECHNOLOGY INC. -> Egis Incorporated.)

FireFox:
========
FF ProfilePath: C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\89bh58pq.default [2020-01-09]
FF NetworkProxy: Mozilla\Firefox\Profiles\89bh58pq.default -> type", 0
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-17] (Google LLC -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-17] (Google LLC -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-branding.js [2010-09-14]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-l10n.js [2010-09-14]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox.js [2010-09-14]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\reporter.js [2010-09-14]

Chrome:
=======
CHR Notifications: Default -> hxxps://cz1n.kingdoms.com; hxxps://cz1n.kingdoms.com; hxxps://www.artofzoo.com
CHR Profile: C:\Users\M\AppData\Local\Google\Chrome\User Data\Default [2020-01-09]
CHR Extension: (Prezentace) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-21]
CHR Extension: (Dokumenty) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-21]
CHR Extension: (Disk Google) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-21]
CHR Extension: (YouTube) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-21]
CHR Extension: (Tabulky) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-20]
CHR Extension: (Gmail) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AgereModemAudio; C:\Windows\system32\agrsmsvc.exe [13312 2008-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Agere Systems)
R2 BUNAgentSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [16384 2008-03-03] (NewTech Infosystems, Inc.) [File not signed]
R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-03-21] () [File not signed]
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [860160 2008-10-16] (Intel(R) Corporation) [File not signed]
R2 IGBASVC; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [3471360 2019-01-20] () [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]
R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-12-06] () [File not signed]
R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-04] () [File not signed]
R2 nvsvc; C:\Windows\system32\nvvsvc.exe [196608 2008-08-07] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-10-16] (Intel(R) Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AgereSoftModem; C:\Windows\System32\DRIVERS\AGRSM.sys [1202560 2008-02-29] (Microsoft Windows Hardware Compatibility Publisher -> Agere Systems)
R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [43184 2019-01-20] (Dejan Maksimovic -> Alfa Corporation)
R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [146688 2008-04-25] (AuthenTec, Inc. -> AuthenTec, Inc.)
R3 b57nd60x; C:\Windows\System32\DRIVERS\b57nd60x.sys [210432 2008-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
S3 btwaudio; C:\Windows\System32\drivers\btwaudio.sys [80424 2008-02-14] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwavdt; C:\Windows\System32\drivers\btwavdt.sys [80936 2007-07-16] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwrchid; C:\Windows\System32\DRIVERS\btwrchid.sys [16168 2007-07-16] (Broadcom Corporation -> Broadcom Corporation.)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Microsoft Windows -> Společnost Microsoft)
R2 int15; C:\Windows\system32\drivers\int15.sys [69632 2007-01-26] () [File not signed]
S4 iteatapi; C:\Windows\system32\drivers\iteatapi.sys [35944 2006-11-02] (Microsoft Windows -> Integrated Technology Express, Inc.)
S4 iteraid; C:\Windows\system32\drivers\iteraid.sys [35944 2006-11-02] (Microsoft Windows -> Integrated Technology Express, Inc.)
R3 JMCR; C:\Windows\System32\DRIVERS\jmcr.sys [81296 2008-04-21] (Contoso.com(Test) -> JMicron Technology Corp.)
S4 Mraid35x; C:\Windows\system32\drivers\mraid35x.sys [33384 2006-11-02] (Microsoft Windows -> LSI Logic Corporation)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1083880 2009-04-11] (Microsoft Windows -> Společnost Microsoft)
S4 ntrigdigi; C:\Windows\system32\drivers\ntrigdigi.sys [20608 2006-11-02] (Microsoft Windows -> N-trig Innovative Technologies)
R3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [7545824 2008-08-07] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S4 uliahci; C:\Windows\system32\drivers\uliahci.sys [238648 2008-01-21] (Microsoft Windows -> ULi Electronics Inc.)
S4 UlSata; C:\Windows\system32\drivers\ulsata.sys [98408 2006-11-02] (Microsoft Windows -> Promise Technology, Inc.)
S4 ulsata2; C:\Windows\system32\drivers\ulsata2.sys [115816 2008-01-21] (Microsoft Windows -> Promise Technology, Inc.)
R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2007-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Winbond Electronics Corporation)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-09 21:37 - 2020-01-09 21:39 - 000018509 _____ C:\Users\M\Desktop\FRST.txt
2020-01-09 21:36 - 2020-01-09 21:36 - 002303488 _____ (Farbar) C:\Users\M\Desktop\FRST (2).exe
2020-01-09 21:35 - 2020-01-09 21:36 - 002303488 _____ (Farbar) C:\Users\M\Downloads\FRST (2).exe
2020-01-09 21:34 - 2020-01-09 21:34 - 000000000 ____D C:\Users\M\Desktop\FRST-OlderVersion
2020-01-09 20:51 - 2020-01-09 20:51 - 000003784 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-01-09 20:51 - 2020-01-09 20:51 - 000002792 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-01-09 20:51 - 2020-01-09 20:51 - 000000808 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-01-09 20:51 - 2020-01-09 20:51 - 000000808 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-01-09 20:51 - 2020-01-09 20:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-01-09 20:50 - 2020-01-09 21:11 - 000000000 ____D C:\Program Files\CCleaner
2020-01-09 20:49 - 2020-01-09 20:50 - 024581800 _____ (Piriform Software Ltd) C:\Users\M\Downloads\cctrialsetup.exe
2020-01-08 22:58 - 2017-03-16 16:11 - 001816576 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-01-08 22:58 - 2017-03-16 16:10 - 012841472 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-01-08 22:58 - 2017-03-16 16:08 - 000367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2020-01-08 22:58 - 2017-03-16 16:06 - 009755648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-01-08 22:58 - 2017-03-16 16:06 - 001140736 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-01-08 22:58 - 2017-03-16 16:06 - 001130496 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-01-08 22:58 - 2017-03-16 16:05 - 001808384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2020-01-08 22:58 - 2017-03-16 16:05 - 001427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2020-01-08 22:58 - 2017-03-16 16:05 - 000429056 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-01-08 22:58 - 2017-03-16 16:05 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2020-01-08 22:58 - 2017-03-16 16:04 - 002382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2020-01-08 22:58 - 2017-03-16 16:04 - 000719360 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-01-08 22:58 - 2017-03-16 16:04 - 000607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2020-01-08 22:58 - 2017-03-16 16:04 - 000354304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2020-01-08 22:58 - 2017-03-16 16:04 - 000223744 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2020-01-08 22:58 - 2017-03-16 16:04 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2020-01-08 22:58 - 2017-03-16 16:04 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2020-01-08 22:58 - 2017-03-16 16:04 - 000072704 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2020-01-08 22:58 - 2017-03-16 16:04 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2020-01-08 22:58 - 2017-03-16 16:04 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2020-01-08 22:58 - 2017-03-16 16:04 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2020-01-08 22:58 - 2017-03-16 16:04 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2020-01-08 22:56 - 2020-01-08 22:59 - 015320806 _____ C:\Users\M\Downloads\ie9-windows6.0-kb4014661-x86_41c4885409c1e7712495cda5067389e9d58be7e7.msu
2020-01-08 22:51 - 2017-03-09 18:00 - 000306408 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2020-01-08 22:51 - 2017-03-09 17:52 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2020-01-08 22:50 - 2020-01-08 22:52 - 000442564 _____ C:\Users\M\Downloads\windows6.0-kb4015380-x86_3f3548db24cf61d6f47d2365c298d739e6cb069a.msu
2020-01-08 22:48 - 2017-03-09 16:27 - 002074112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-01-08 22:47 - 2020-01-08 22:49 - 001231981 _____ C:\Users\M\Downloads\windows6.0-kb4015195-x86_eb045e0144266b20b615f29fa581c4001ebb7852.msu
2020-01-08 22:45 - 2017-02-11 17:54 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2020-01-08 22:45 - 2017-02-11 17:53 - 000299520 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2020-01-08 22:45 - 2017-02-11 17:16 - 001029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2020-01-08 22:45 - 2017-02-11 17:16 - 000219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2020-01-08 22:45 - 2017-02-11 17:16 - 000189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2020-01-08 22:45 - 2017-02-11 17:16 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2020-01-08 22:45 - 2017-02-11 16:35 - 001172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2020-01-08 22:45 - 2017-02-11 16:34 - 000486912 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2020-01-08 22:45 - 2017-02-11 16:25 - 000682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2020-01-08 22:45 - 2017-02-11 16:23 - 001073152 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2020-01-08 22:45 - 2017-02-11 16:23 - 000802304 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2020-01-08 22:44 - 2020-01-08 22:46 - 003403318 _____ C:\Users\M\Downloads\windows6.0-kb4012583-x86_1887cb5393b62cbd2dbb6a6ff6b136e809a2fbd0.msu
2020-01-08 22:43 - 2016-11-11 17:59 - 000627712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-01-08 22:41 - 2020-01-08 22:43 - 000520802 _____ C:\Users\M\Downloads\windows6.0-kb3205638-x86_e2211e9a6523061972decd158980301fc4c32a47.msu
2020-01-08 22:38 - 2016-10-04 15:22 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2020-01-08 22:37 - 2020-01-08 22:38 - 000254310 _____ C:\Users\M\Downloads\windows6.0-kb3194371-x86_a5b6ce91a2602762af0210102192b0999e60d985.msu
2020-01-08 22:34 - 2016-10-17 23:05 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2020-01-08 22:34 - 2016-10-17 23:04 - 000884224 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2020-01-08 22:34 - 2016-10-17 23:04 - 000729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2020-01-08 22:34 - 2016-10-17 23:04 - 000413696 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2020-01-08 22:34 - 2016-10-17 23:04 - 000200704 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2020-01-08 22:34 - 2016-10-17 23:04 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2020-01-08 22:34 - 2016-10-17 23:04 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2020-01-08 22:34 - 2016-10-17 23:04 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2020-01-08 22:34 - 2016-10-17 23:04 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2020-01-08 22:34 - 2016-10-17 23:04 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2020-01-08 22:34 - 2016-10-17 23:04 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2020-01-08 22:34 - 2016-10-17 23:04 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2020-01-08 22:32 - 2020-01-08 22:34 - 009509451 _____ C:\Users\M\Downloads\windows6.0-kb3193418-x86_8bcecda3daec879fd2a71d91e5e5bd66e91741da.msu
2020-01-08 22:32 - 2016-09-08 15:20 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2020-01-08 22:32 - 2016-09-08 15:20 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2020-01-08 22:30 - 2020-01-08 22:31 - 000316044 _____ C:\Users\M\Downloads\windows6.0-kb3183431-x86_e7c78348dd1f8e9074266e58b7b603e34cff57b4 (1).msu
2020-01-08 22:07 - 2020-01-08 22:09 - 000316044 _____ C:\Users\M\Downloads\windows6.0-kb3183431-x86_e7c78348dd1f8e9074266e58b7b603e34cff57b4.msu
2020-01-08 22:06 - 2020-01-08 22:07 - 015181547 _____ C:\Users\M\Downloads\ie9-windows6.0-kb3124275-x86_4d448436fbc1c38b92aaeccb55fb7e3e8193143b.msu
2020-01-08 22:06 - 2020-01-08 22:06 - 000000000 ____D C:\d1d37c6bfe3b2b1140fa
2020-01-06 14:44 - 2020-01-06 14:45 - 000000000 ___HD C:\Windows\msdownld.tmp
2020-01-06 14:08 - 2020-01-06 14:08 - 020162408 _____ (Microsoft Corporation) C:\Users\M\Downloads\BOIE9_ENUS_BO0096_VIS.EXE
2020-01-06 13:23 - 2020-01-06 13:23 - 038235496 _____ (Microsoft Corporation) C:\Users\M\Downloads\BOIE9_ENUS_BO0085_VIS64.EXE
2020-01-06 12:56 - 2020-01-06 12:56 - 000000000 ____D C:\c4023484fb1c47076f553a47e9
2020-01-04 12:14 - 2020-01-04 12:14 - 000000000 ____D C:\7bfb8b6a8c5c29af77c79de1
2020-01-03 22:21 - 2020-01-03 22:21 - 000000000 ____D C:\3caccd3410f42f6216bcae846c
2020-01-03 22:05 - 2020-01-03 22:05 - 025015569 _____ C:\Users\M\Downloads\IE9-Windows6.0-KB2699988-x64.msu
2020-01-03 21:58 - 2020-01-06 13:16 - 000000134 _____ C:\Users\M\Desktop\Poradce při potížích s aplikací Internet Explorer.url
2020-01-03 21:38 - 2020-01-03 21:38 - 003695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2020-01-03 21:38 - 2020-01-03 21:38 - 000434176 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2020-01-03 21:38 - 2020-01-03 21:38 - 000353584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2020-01-03 21:38 - 2020-01-03 21:38 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2020-01-03 21:38 - 2020-01-03 21:38 - 000203776 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2020-01-03 21:38 - 2020-01-03 21:38 - 000163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2020-01-03 21:38 - 2020-01-03 21:38 - 000162304 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2020-01-03 21:38 - 2020-01-03 21:38 - 000161792 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2020-01-03 21:38 - 2020-01-03 21:38 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2020-01-03 21:38 - 2020-01-03 21:38 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2020-01-03 21:38 - 2020-01-03 21:38 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2020-01-03 21:38 - 2020-01-03 21:38 - 000123392 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2020-01-03 21:38 - 2020-01-03 21:38 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2020-01-03 21:38 - 2020-01-03 21:38 - 000114176 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2020-01-03 21:38 - 2020-01-03 21:38 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2020-01-03 21:38 - 2020-01-03 21:38 - 000101888 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2020-01-03 21:38 - 2020-01-03 21:38 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2020-01-03 21:38 - 2020-01-03 21:38 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2020-01-03 21:38 - 2020-01-03 21:38 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2020-01-03 21:38 - 2020-01-03 21:38 - 000074752 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2020-01-03 21:38 - 2020-01-03 21:38 - 000074752 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2020-01-03 21:38 - 2020-01-03 21:38 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2020-01-03 21:38 - 2020-01-03 21:38 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2020-01-03 21:38 - 2020-01-03 21:38 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2020-01-03 21:38 - 2020-01-03 21:38 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2020-01-03 21:38 - 2020-01-03 21:38 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2020-01-03 21:38 - 2020-01-03 21:38 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2020-01-03 21:38 - 2020-01-03 21:38 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2020-01-03 21:38 - 2020-01-03 21:38 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2020-01-03 21:38 - 2020-01-03 21:38 - 000000000 ____D C:\a7490e5b36db43146dd18cc794039f2d
2020-01-03 21:37 - 2020-01-03 21:37 - 002873344 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2020-01-03 21:37 - 2020-01-03 21:37 - 001554432 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2020-01-03 21:37 - 2020-01-03 21:37 - 001075712 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2020-01-03 21:37 - 2020-01-03 21:37 - 000979456 _____ (Microsoft Corporation) C:\Windows\system32\MFH264Dec.dll
2020-01-03 21:37 - 2020-01-03 21:37 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2020-01-03 21:37 - 2020-01-03 21:37 - 000847360 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2020-01-03 21:37 - 2020-01-03 21:37 - 000667648 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2020-01-03 21:37 - 2020-01-03 21:37 - 000638336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-01-03 21:37 - 2020-01-03 21:37 - 000586240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2020-01-03 21:37 - 2020-01-03 21:37 - 000478720 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2020-01-03 21:37 - 2020-01-03 21:37 - 000357376 _____ (Microsoft Corporation) C:\Windows\system32\MFHEAACdec.dll
2020-01-03 21:37 - 2020-01-03 21:37 - 000302592 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4src.dll
2020-01-03 21:37 - 2020-01-03 21:37 - 000288768 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2020-01-03 21:37 - 2020-01-03 21:37 - 000261632 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2020-01-03 21:37 - 2020-01-03 21:37 - 000258048 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2020-01-03 21:37 - 2020-01-03 21:37 - 000209920 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2020-01-03 21:37 - 2020-01-03 21:37 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2020-01-03 21:37 - 2020-01-03 21:37 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2020-01-03 21:37 - 2020-01-03 21:37 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2020-01-03 21:37 - 2020-01-03 21:37 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2020-01-03 21:35 - 2020-01-03 21:35 - 000974848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2020-01-03 21:35 - 2020-01-03 21:35 - 000519680 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2020-01-03 21:35 - 2020-01-03 21:35 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2020-01-03 21:35 - 2020-01-03 21:35 - 000321024 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2020-01-03 21:35 - 2020-01-03 21:35 - 000252928 _____ (Microsoft Corporation) C:\Windows\system32\dxdiag.exe
2020-01-03 21:35 - 2020-01-03 21:35 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2020-01-03 21:35 - 2020-01-03 21:35 - 000189440 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2020-01-03 21:32 - 2020-01-03 21:32 - 018719024 _____ (Microsoft Corporation) C:\Users\M\Downloads\IE9-WindowsVista-x86-csy.exe
2019-12-30 18:00 - 2019-12-30 18:00 - 002000896 _____ (Farbar) C:\Users\M\Downloads\FRST (1).exe
2019-12-18 18:17 - 2019-12-18 18:16 - 178918840 _____ (AO Kaspersky Lab) C:\Users\M\Desktop\KVRT (1).exe
2019-12-18 18:15 - 2019-12-18 18:16 - 178918840 _____ (AO Kaspersky Lab) C:\Users\M\Downloads\KVRT (1).exe
2019-12-17 19:23 - 2019-12-17 19:23 - 000751782 _____ C:\Users\M\Downloads\Zmluva o postúpení pohľadávok č. 295-2016 - text.pdf
2019-12-17 19:02 - 2019-12-17 19:02 - 000117684 _____ C:\TDSSKiller.3.1.0.28_17.12.2019_18.33.02_log.rar
2019-12-17 19:02 - 2019-12-17 19:02 - 000000000 ____D C:\Users\M\AppData\Roaming\WinRAR
2019-12-17 19:01 - 2019-12-17 19:01 - 003122424 _____ C:\Users\M\Downloads\wrar571cz.exe
2019-12-17 19:01 - 2019-12-17 19:01 - 000000000 ____D C:\Users\M\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-12-17 19:01 - 2019-12-17 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-12-17 19:01 - 2019-12-17 19:01 - 000000000 ____D C:\Program Files\WinRAR
2019-12-17 18:59 - 2019-12-17 18:59 - 000757248 _____ (WinZip Computing, S.L.) C:\Users\M\Downloads\winzip23-downwz.exe
2019-12-17 18:53 - 2019-12-17 18:53 - 000959288 _____ (WinZip Computing) C:\Users\M\Downloads\winzip24-home.exe
2019-12-17 18:53 - 2019-12-17 18:53 - 000000000 ____D C:\ProgramData\UniqueId
2019-12-17 18:33 - 2019-12-17 18:37 - 000722486 _____ C:\TDSSKiller.3.1.0.28_17.12.2019_18.33.02_log.txt
2019-12-17 18:30 - 2019-12-17 18:30 - 000004892 _____ C:\TDSSKiller.3.1.0.28_17.12.2019_18.30.11_log.txt
2019-12-16 21:24 - 2019-12-17 00:04 - 000024436 _____ C:\TDSSKiller.3.1.0.28_16.12.2019_21.24.28_log.txt
2019-12-16 21:21 - 2019-12-16 21:22 - 000005630 _____ C:\TDSSKiller.3.1.0.28_16.12.2019_21.21.57_log.txt
2019-12-16 21:21 - 2019-12-16 19:09 - 005054744 _____ (AO Kaspersky Lab) C:\Users\M\Desktop\tdsskiller.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-09 21:38 - 2019-11-09 23:38 - 000000000 ____D C:\FRST
2020-01-09 21:32 - 2019-01-22 21:53 - 000054377 _____ C:\ProgramData\nvModes.001
2020-01-09 21:31 - 2019-01-20 19:54 - 000000000 _____ C:\Windows\system32\LogConfigTemp.xml
2020-01-09 21:31 - 2006-11-02 14:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-09 21:31 - 2006-11-02 13:47 - 000003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2020-01-09 21:31 - 2006-11-02 13:47 - 000003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2020-01-09 21:30 - 2019-01-20 23:04 - 000000012 _____ C:\Windows\bthservsdp.dat
2020-01-09 21:30 - 2006-11-02 14:01 - 000032568 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-01-09 21:24 - 2019-01-20 19:58 - 000000000 ____D C:\Program Files\Acer Arcade Deluxe
2020-01-09 21:24 - 2008-04-14 14:54 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2020-01-09 21:12 - 2019-11-11 09:20 - 000000000 ____D C:\Windows\Minidump
2020-01-09 21:12 - 2019-01-20 21:16 - 000000000 ____D C:\Users\M\AppData\Roaming\DAEMON Tools Lite
2020-01-09 21:12 - 2008-08-11 09:54 - 000000000 ____D C:\Windows\Panther
2020-01-09 21:12 - 2006-11-02 12:18 - 000000000 ____D C:\Windows\inf
2020-01-09 07:24 - 2006-11-02 12:18 - 000000000 ____D C:\Windows\rescache
2020-01-08 23:37 - 2019-01-22 21:53 - 000054377 _____ C:\ProgramData\nvModes.dat
2020-01-08 23:08 - 2006-11-02 13:47 - 000379528 _____ C:\Windows\system32\FNTCACHE.DAT
2020-01-06 18:02 - 2019-01-22 22:03 - 000000000 ____D C:\ProgramData\AVAST Software
2020-01-06 15:34 - 2019-01-20 19:35 - 000003376 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-01-06 15:34 - 2019-01-20 19:35 - 000003248 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-06 15:26 - 2019-11-19 19:02 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-01-06 15:07 - 2019-01-20 21:09 - 000000000 ____D C:\Users\M\AppData\Roaming\Adobe
2020-01-06 14:46 - 2006-11-02 12:18 - 000000000 ___SD C:\Windows\Downloaded Program Files
2020-01-06 14:46 - 2006-11-02 12:18 - 000000000 ___RD C:\Windows\Offline Web Pages
2020-01-06 14:46 - 2006-11-02 12:18 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-01-06 14:45 - 2006-11-02 07:32 - 000008798 _____ C:\Windows\system32\icrav03.rat
2020-01-06 14:45 - 2006-11-02 07:32 - 000001988 _____ C:\Windows\system32\ticrf.rat
2020-01-03 22:16 - 2008-01-21 07:47 - 001418230 _____ C:\Windows\system32\PerfStringBackup.INI
2020-01-03 22:16 - 2008-01-21 07:46 - 000607464 _____ C:\Windows\system32\perfh005.dat
2020-01-03 22:16 - 2008-01-21 07:46 - 000118096 _____ C:\Windows\system32\perfc005.dat
2020-01-03 22:10 - 2019-01-20 19:28 - 000000953 _____ C:\Users\M\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

==================== Files in the root of some directories ========

2019-12-08 21:25 - 2019-12-08 21:25 - 000000680 _____ () C:\Users\M\AppData\Local\d3d9caps.dat
2019-01-20 21:05 - 2019-04-18 15:04 - 000006144 _____ () C:\Users\M\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-01-09 21:37
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-01-2020
Ran by M (09-01-2020 21:40:17)
Running from C:\Users\M\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2019-01-20 17:20:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-709419016-1147377520-125327568-500 - Administrator - Disabled)
Guest (S-1-5-21-709419016-1147377520-125327568-501 - Limited - Disabled)
M (S-1-5-21-709419016-1147377520-125327568-1000 - Administrator - Enabled) => C:\Users\M

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3C3813E1-C370-4F32-9639-8B43C7C780CD}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{F67648A4-713E-4298-BBAD-A83D8283B0F3}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{2659571A-3405-4486-B7D8-2F125BC0E3B2}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version: - Microsoft)
Acer Bio Protection

AAA 6.0.00.13 (HKLM\...\Acer Acer Bio Protection 6.0.00.13) (Version: - )
Acer Crystal Eye Webcam 2.0.8 (HKLM\...\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}) (Version: 2.0.8 - SuYin)
Acer eAudio Management (HKLM\...\{57265292-228A-41FA-9AEC-4620CBCC2739}) (Version: 3.0.3007 - CyberLink Corp.)
Acer eDataSecurity Management (HKLM\...\{A5633652-3795-4829-BB0B-644F0279E279}) (Version: 3.0.3060 - Egis Inc.)
Acer Empowering Technology (HKLM\...\{8F1B6239-FEA0-450A-A950-B05276CE177C}) (Version: 3.0.3006 - Acer Incorporated)
Acer ePower Management (HKLM\...\{58E5844B-7CE2-413D-83D1-99294BF6C74F}) (Version: 3.0.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 3.0.3013 - Acer Incorporated)
Acer eSettings Management (HKLM\...\{13D85C14-2B85-419F-AC41-C7F21E68B25D}) (Version: 3.0.3007 - Acer Incorporated)
Acer GameZone Console 2.0.1.1 (HKLM\...\Acer GameZone Console_is1) (Version: - Oberon Media, Inc.)
Acer GridVista (HKLM\...\GridVista) (Version: 2.72.317 - )
Acer Mobility Center Plug-In (HKLM\...\{11316260-6666-467B-AC34-183FCB5D4335}) (Version: 3.0.3000 - Acer Inc.)
Acer ScreenSaver (HKLM\...\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}) (Version: 1.12.0506 - Acer Incorporated)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}) (Version: 1.0 - Microsoft Corporation) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Adobe Flash Player ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Reader 8.1.0 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A81000000003}) (Version: 8.1.0 - Adobe Systems Incorporated)
Agatha Christie Death on the Nile (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}) (Version: - Oberon Media)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version: - Agere Systems)
Alice Greenfingers (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media)
AuthenTec Fingerprint Sensor Minimum Install (HKLM\...\{31A5ED9F-E07B-4F6E-8179-27325BAAC502}) (Version: 7.10.0.1129 - AuthenTec)
AutoCAD 2009 - český (HKLM\...\{5783F2D7-7001-0405-0002-0060B0CE6BBA}) (Version: 17.2.56.0 - Autodesk) Hidden
AutoCAD 2009 - český (HKLM\...\AutoCAD 2009 - český) (Version: 17.2.56.0 - Autodesk)
Autodesk Design Review 2009 (HKLM\...\{450063AA-643B-417C-8CF5-405BA3F4EF40}) (Version: 9.0.96 - Autodesk, Inc.) Hidden
Autodesk Design Review 2009 (HKLM\...\Autodesk Design Review 2009) (Version: 9.0.96 - Autodesk, Inc.)
AVerMedia A310 (MiniCard, DVB-T) 1.1.0.27 (HKLM\...\AVerMedia A310 (MiniCard, DVB-T)) (Version: 1.1.0.27 - AVerMedia TECHNOLOGIES, Inc.)
Azada (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}) (Version: - Oberon Media)
Backspin Billiards (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}) (Version: - Oberon Media)
Big Kahuna Reef (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}) (Version: - Oberon Media)
Bookworm Deluxe (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110113233}) (Version: - Oberon Media)
Bricks of Egypt (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}) (Version: - Oberon Media)
Broadcom Gigabit Integrated Controller (HKLM\...\{A64A5576-D862-44F8-89DC-2B17FCC9B86E}) (Version: 11.11.03 - Broadcom Corporation)
Cake Mania (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Counter-Strike 1.6 (HKLM\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - )
Diner Dash Flo on the Go (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}) (Version: - Oberon Media)
eSobi v2 (HKLM\...\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.3.000189 - esobi Inc.) Hidden
eSobi v2 (HKLM\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.3.000189 - esobi Inc.)
Flip Words 2 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112310577}) (Version: - Oberon Media)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.2.183.23 - Google Inc.) Hidden
Chicken Invaders 3 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}) (Version: - Oberon Media)
Chuzzle (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}) (Version: - Oberon Media)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Jewel Quest Solitaire (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}) (Version: - Oberon Media)
JMicron JMB38X Flash Media Controller (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.10.04 - JMicron Technology Corp.)
Kick N Rush (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}) (Version: - Oberon Media)
Launch Manager (HKLM\...\LManager) (Version: - )
LightScribe 1.4.142.1 (HKLM\...\{CE386A4E-D0DA-4208-8235-BCE43275C694}) (Version: 1.4.142.1 - hxxp://www.lightscribe.com) Hidden
Mahjong Escape Ancient China (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}) (Version: - Oberon Media)
Mahjongg Artifacts (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}) (Version: - Oberon Media)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Works (HKLM\...\{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}) (Version: 08.05.0822 - Microsoft Corporation)
Mozilla Firefox (3.6.10) (HKLM\...\Mozilla Firefox (3.6.10)) (Version: 3.6.10 (cs) - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery Case Files - Huntsville (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}) (Version: - Oberon Media)
Mystery Solitaire - Secret Island (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}) (Version: - Oberon Media)
NemExpress (HKLM\...\NemExpress) (Version: NemExpress version 1.11 - PLUTO-OLT spol. s r. o.)
NTI Backup Now 5 (HKLM\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.503 - NewTech Infosystems)
NTI Backup Now Standard (HKLM\...\{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.503 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM\...\{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.2.6322 - Název společnosti:) Hidden
NTI Media Maker 8 (HKLM\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.2.6322 - Název společnosti:)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
Orion (HKLM\...\{5B63A470-9334-44D1-AF61-6CE2DB565AE9}) (Version: 2.0.1 - Convesoft)
PhotoNow! (HKLM\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.4619 - CyberLink Corp.)
PowerDirector (HKLM\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2713 - CyberLink Corp.) Hidden
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2713 - CyberLink Corp.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5612 - Realtek Semiconductor Corp.)
Software Intel(R) PROSet/Wireless WiFi (HKLM\...\{35C0A1E4-D02A-412C-841F-266DBB116ABB}) (Version: 12.02.0000 - Intel(R) Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.2.4.0 - Synaptics)
Turbo Pizza (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}) (Version: - Oberon Media)
Update for Office 2007 (KB946691) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A420F522-7395-4872-9882-C591B4B92278}) (Version: - Microsoft)
VBA (2627.01) (HKLM\...\{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WIDCOMM Bluetooth Software 6.0.1.6300 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.6300 - Broadcom Corporation)
Winbond CIR Device Drivers (HKLM\...\{10F498FF-5392-4DF3-8F73-FE172A9F3800}) (Version: 7.60.1012 - Winbond Electronics Corporation)
WinRAR 5.71 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinZip 12.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}) (Version: 12.0.8252 - WinZip Computing, S.L. )
Zuma Deluxe (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}) (Version: - Oberon Media)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-709419016-1147377520-125327568-1000_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-709419016-1147377520-125327568-1000_Classes\CLSID\{2F1F7574-ECCA-4361-B4DE-C411BF7EEE23}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-709419016-1147377520-125327568-1000_Classes\CLSID\{6AB55F46-2523-4701-A912-B226F46252BA}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-709419016-1147377520-125327568-1000_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-709419016-1147377520-125327568-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2009\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [2008-03-04] (EGIS TECHNOLOGY INC. -> Egis Incorporated)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2008-02-10] (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2008-02-10] (Autodesk, Inc -> Autodesk) [File not signed]
ContextMenuHandlers1: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files\Common Files\Autodesk Shared\DWF Common\DWFShellExtension.dll [2008-01-21] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSshellExt.dll [2008-03-04] (EGIS TECHNOLOGY INC. -> Egis Incorporated.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSshellExt.dll [2008-03-04] (EGIS TECHNOLOGY INC. -> Egis Incorporated.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {A70C977A-BF00-412C-90B7-034C51DA2439} => C:\Windows\system32\nvcpl.dll [2008-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2008-04-14 15:47 - 2007-11-27 14:08 - 000032768 _____ () [File not signed] C:\Acer\Mobility Center\MobilityInterface.dll
2019-01-20 19:57 - 2019-01-20 19:57 - 000080896 _____ () [File not signed] C:\Program Files\Acer\Acer Bio Protection\PwdFilter.dll
2008-04-14 15:14 - 2008-03-07 02:35 - 000016384 _____ () [File not signed] C:\Program Files\Acer\Empowering Technology\eAudio\eAudioSrvPlugin.dll
2008-04-14 15:11 - 2008-05-26 14:37 - 000016384 _____ () [File not signed] C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Logger.dll
2008-04-14 15:11 - 2008-05-26 14:39 - 000143360 _____ () [File not signed] C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Model.Computer.dll
2008-04-14 15:11 - 2008-05-26 14:40 - 000016384 _____ () [File not signed] C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.ServicePlugin.dll
2008-04-14 15:11 - 2008-05-26 14:37 - 000036864 _____ () [File not signed] C:\Program Files\Acer\Empowering Technology\Service\eSettings.Model.ComputerInterface.dll
2008-10-16 16:57 - 2008-10-16 16:57 - 000200704 _____ () [File not signed] C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2008-04-04 01:54 - 2008-04-04 01:54 - 000003072 _____ () [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll
2008-02-28 21:44 - 2008-02-28 21:44 - 001024000 _____ () [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACE.dll
2008-02-28 21:44 - 2008-02-28 21:44 - 000098304 _____ () [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML.dll
2008-02-28 21:44 - 2008-02-28 21:44 - 000061440 _____ () [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML_Parser.dll
2008-02-12 13:12 - 2008-02-12 13:12 - 000126976 _____ () [File not signed] C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000028672 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3006.0__672b450de5a7e94a\Framework.Host.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000061440 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3006.0__3036420f80dd6947\Framework.Library.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000032768 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Model.Controller\3.0.3006.0__14bcaafdb44b5951\Framework.Model.Controller.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000020480 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3006.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000016384 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3006.0__9ecdf03bb2054f94\Framework.PluginInterface.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000036864 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3006.0__4df5dcab8860d239\Framework.Utility.dll
2008-04-14 15:14 - 2008-04-23 14:58 - 000204800 _____ () [File not signed] C:\Windows\System32\SysHook.dll
2019-01-20 19:56 - 2019-01-20 19:56 - 000208896 _____ (ABIG) [File not signed] C:\Windows\system32\ATSC70PBA.dll
2008-04-14 15:14 - 2008-04-23 14:58 - 000016384 _____ (Acer Inc.) [File not signed] C:\Program Files\Acer\Empowering Technology\ePower\ePowerSrvPlugin.dll
2008-04-14 15:14 - 2008-04-23 14:57 - 000032768 _____ (Acer Inc.) [File not signed] C:\Program Files\Acer\Empowering Technology\ePower\WMIInterface.dll
2008-04-14 15:14 - 2008-04-23 14:57 - 000091648 _____ (Acer Inc.) [File not signed] C:\Program Files\Acer\Empowering Technology\ePower\WMIServiceDLL.dll
2019-01-20 19:54 - 2008-06-04 13:01 - 000057344 _____ (Acer Incorporated) [File not signed] C:\Program Files\Acer\Empowering Technology\eRecovery\eRecovery.RemoteServer.dll
2019-01-20 19:54 - 2008-04-29 09:37 - 000028672 _____ (Acer Incorporated) [File not signed] C:\Program Files\Acer\Empowering Technology\eRecovery\eRecovery.ServicePlugin.dll
2019-01-20 19:53 - 2008-04-29 09:37 - 000016384 _____ (Acer Incorporated) [File not signed] C:\Program Files\Acer\Empowering Technology\Service\eRecovery.RemoteServerInterface.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000020480 _____ (acer) [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Service.Utility\3.0.3006.0__40d56bd2d2a1d6f8\Framework.Service.Utility.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000032768 _____ (acer) [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Utility.CommonFunctions\3.0.3006.0__770d2a375f176870\Framework.Utility.CommonFunctions.dll
2019-01-20 19:57 - 2008-05-19 03:58 - 000666624 _____ (Arachnoid Biometrics Identification Group Corp.) [File not signed] C:\Program Files\Acer\Acer Bio Protection\CustomRes.dll
2019-01-20 19:57 - 2019-01-20 19:57 - 000126976 _____ (Arachnoid Biometrics Identification Group Corp.) [File not signed] C:\Program Files\Acer\Acer Bio Protection\FPLaunchCache.dll
2008-04-22 15:49 - 2008-04-22 15:49 - 001207296 _____ (AuthenTec, Inc.) [File not signed] C:\Windows\system32\ATSC70.DLL
2008-02-10 08:31 - 2008-02-10 08:31 - 000128664 _____ (Autodesk, Inc -> Autodesk) [File not signed] C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll
2008-02-10 08:28 - 2008-02-10 08:28 - 000307352 _____ (Autodesk, Inc -> Autodesk, Inc.) [File not signed] C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll
2008-02-10 08:08 - 2008-02-10 08:08 - 000043160 _____ (Autodesk, Inc -> Autodesk, Inc.) [File not signed] C:\Windows\system32\AcSignIcon.dll
2008-02-12 12:46 - 2008-02-12 05:46 - 000102400 _____ (Broadcom Corporation.) [File not signed] C:\Program Files\WIDCOMM\Bluetooth Software\BtBalloon.dll
2008-02-12 13:19 - 2008-02-12 13:19 - 000208896 _____ (Broadcom Corporation.) [File not signed] C:\Windows\system32\btmmhook.dll
2008-02-12 12:36 - 2008-02-12 12:36 - 000184320 _____ (Broadcom Corporation.) [File not signed] C:\Windows\system32\btncopy.dll
2008-02-12 12:46 - 2008-02-12 12:46 - 000233472 _____ (Broadcom Corporation.) [File not signed] C:\Windows\system32\btosif.dll
2008-02-12 12:26 - 2008-02-12 12:26 - 005271552 _____ (Broadcom Corporation.) [File not signed] C:\Windows\system32\btrez.dll
2008-02-12 12:31 - 2008-02-12 12:31 - 000602112 _____ (Broadcom Corporation.) [File not signed] C:\Windows\system32\btwapi.dll
2008-02-12 12:58 - 2008-02-12 12:58 - 000393216 _____ (Broadcom Corporation.) [File not signed] C:\Windows\system32\btwhidcs.DLL
2008-04-14 15:14 - 2008-03-04 12:18 - 000008192 _____ (CyberLink) [File not signed] C:\Program Files\Acer\Empowering Technology\eAudio\Language\CSY\LangCSY.dll
2007-01-17 10:20 - 2007-01-17 10:20 - 000032768 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSLog.dll
2007-01-17 10:20 - 2007-01-17 10:20 - 000081920 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSSProxy.dll
2019-01-20 19:41 - 2008-07-20 17:43 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel Matrix Storage Manager\CSY\IAAMon_CSY.dll
2019-01-20 19:41 - 2008-07-20 17:42 - 000118784 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel Matrix Storage Manager\CSY\PlugInRAID_CSY.dll
2019-01-20 19:41 - 2008-07-20 17:32 - 000204800 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll
2008-10-16 16:54 - 2008-10-16 16:54 - 000655360 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
2008-10-16 16:56 - 2008-10-16 16:56 - 000581632 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
2008-10-16 16:56 - 2008-10-16 16:56 - 000499712 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
2008-10-16 17:07 - 2008-10-16 17:07 - 000864256 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
2008-10-16 16:59 - 2008-10-16 16:59 - 001519616 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
2008-10-16 16:58 - 2008-10-16 16:58 - 000135168 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
2008-10-16 17:05 - 2008-10-16 17:05 - 000987136 _____ (Intel(R) Corporation) [File not signed] C:\Windows\System32\IWMSSvc.dll
2008-02-28 21:44 - 2008-02-28 21:44 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\MSVCP71.dll
2008-02-28 21:44 - 2008-02-28 21:44 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\MSVCR71.dll
2008-02-28 21:43 - 2008-02-28 21:43 - 001047552 _____ (Microsoft Corporation) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\MFC71U.DLL
2008-02-28 21:43 - 2008-02-28 21:43 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\MSVCP71.dll
2008-02-28 21:43 - 2008-02-28 21:43 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\MSVCR71.dll
2008-04-14 14:45 - 2008-04-14 14:45 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL
2008-04-14 14:45 - 2008-04-14 14:45 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL
2008-04-06 21:23 - 2008-04-06 21:23 - 000376832 _____ (NewTech InfoSystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BKaux.dll
2008-04-04 01:54 - 2008-04-04 01:54 - 000036864 _____ (NewTech InfoSystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BKauxLOC.dll
2008-04-08 05:46 - 2008-04-08 05:46 - 000319488 _____ (NewTech InfoSystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BKImage.dll
2008-04-04 01:54 - 2008-04-04 01:54 - 000036864 _____ (NewTech InfoSystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BKImageLOC.dll
2008-04-04 01:52 - 2008-04-04 01:52 - 000135168 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\CdrMmc32.dll
2008-04-04 02:14 - 2008-04-04 02:14 - 000241664 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Cdrw32.dll
2008-04-04 02:15 - 2008-04-04 02:15 - 000069632 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\CdrwEx32.dll
2008-03-03 12:11 - 2008-03-03 12:11 - 000086016 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\listor.dll
2008-03-03 12:11 - 2008-03-03 12:11 - 000011776 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\locator.dll
2008-04-06 21:22 - 2008-04-06 21:22 - 000159744 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Data32.dll
2008-04-04 01:52 - 2008-04-04 01:52 - 000069632 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Hddrw32.dll
2008-04-04 01:52 - 2008-04-04 01:52 - 000014336 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\ImagFile.dll
2008-04-07 03:52 - 2008-04-07 03:52 - 000065536 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Scd32.dll
2008-04-04 02:03 - 2008-04-04 02:03 - 000009728 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvcLOC.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000270336 _____ (The Apache Software Foundation) [File not signed] C:\Windows\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll
2007-09-06 09:28 - 2007-09-06 09:28 - 001089536 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\04524464.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\35617664.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\74308372.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\04524464.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\35617664.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\74308372.sys => ""="Driver"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-709419016-1147377520-125327568-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2020-01-06 14:50 - 000000077 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-709419016-1147377520-125327568-1000\Control Panel\Desktop\\Wallpaper -> c:\Windows\Web\wallpaper\Acer01.jpg
DNS Servers: 217.144.16.197 - 217.144.16.199
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: wuauserv => 2

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{25EDAE7F-F1EB-4B8F-BC4F-6A7325166AE3}] => (Allow) C:\Program Files\Cyberlink\PowerDirector\PDR.EXE (CyberLink -> CyberLink Corp.) [File not signed]
FirewallRules: [{83FF83CE-F875-4D7D-A9B5-EE60C20AF335}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe () [File not signed]
FirewallRules: [{E7D0F75B-7A5D-4B64-B9EA-76A99A62111B}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe () [File not signed]
FirewallRules: [{119C3235-7ED9-40B7-97AE-2A871ACA9723}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.) [File not signed]
FirewallRules: [{C06A3F7E-5592-411D-B1D9-A6779F6C9F32}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.) [File not signed]
FirewallRules: [{5C5BF230-09FE-4104-8509-46E87C2BB03F}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech Infosystems, Inc -> NewTech InfoSystems, Inc.)
FirewallRules: [{951A5035-3C8B-4C1A-B988-47DB52A6E2B7}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech Infosystems, Inc -> NewTech InfoSystems, Inc.)
FirewallRules: [{8DE3D4DB-ADA8-466D-9C24-010343ED9DD6}] => (Allow) LPort=80
FirewallRules: [{C1AC7C97-CE84-4EF6-B061-3F662BA54B7D}] => (Allow) LPort=80
FirewallRules: [{8FB702FF-1FFF-4134-B97C-C1095AFD9A51}] => (Allow) LPort=80
FirewallRules: [{137E2C99-F66D-4BA4-949F-89C3691E3425}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [TCP Query User{93E087E8-1AA3-4F29-9514-572E943B4BED}C:\program files\valve\hl.exe] => (Allow) C:\program files\valve\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{1C0568DD-4400-4BF5-9A4A-DAEF5EB3776C}C:\program files\valve\hl.exe] => (Allow) C:\program files\valve\hl.exe (Valve) [File not signed]

==================== Restore Points =========================

03-01-2020 21:34:12 Windows Modules Installer
06-01-2020 12:37:40 Windows Modules Installer
06-01-2020 12:55:05 Windows Modules Installer
06-01-2020 14:28:31 Windows Modules Installer
06-01-2020 14:44:19 Windows Modules Installer
08-01-2020 22:06:44 Windows Update
08-01-2020 22:31:41 Windows Update
08-01-2020 22:33:29 Windows Update
08-01-2020 22:37:34 Windows Update
08-01-2020 22:42:33 Windows Update
08-01-2020 22:45:15 Windows Update
08-01-2020 22:47:53 Windows Update
08-01-2020 22:50:55 Windows Update
08-01-2020 22:57:12 Windows Update
09-01-2020 21:18:43 Konfigurováno PowerCinema

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/09/2020 09:31:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/09/2020 09:26:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/09/2020 09:18:41 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {658d8622-151e-40f8-a01c-137fa9ee42a0}

Error: (01/09/2020 07:55:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/09/2020 07:08:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/09/2020 01:00:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/08/2020 11:23:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/08/2020 11:09:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (01/09/2020 07:55:14 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (8:26:27, 9.1.2020) bylo neočekávané.

Error: (01/09/2020 07:08:29 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (1:05:16, 9.1.2020) bylo neočekávané.

Error: (01/08/2020 09:50:19 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Windows Update se po přijetí pokynu pro vypnutí neukončila správně.

Error: (01/07/2020 10:47:04 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (22:44:55, 7.1.2020) bylo neočekávané.

Error: (01/06/2020 02:50:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswStmXP neuspěla při spuštění v důsledku následující chyby:
Uvedená procedura nebyla nalezena.

Error: (01/06/2020 02:36:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswStmXP neuspěla při spuštění v důsledku následující chyby:
Uvedená procedura nebyla nalezena.

Error: (01/06/2020 01:28:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswStmXP neuspěla při spuštění v důsledku následující chyby:
Uvedená procedura nebyla nalezena.

Error: (01/06/2020 12:42:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswStmXP neuspěla při spuštění v důsledku následující chyby:
Uvedená procedura nebyla nalezena.


CodeIntegrity:
===================================

Date: 2020-01-04 02:28:05.482
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.

Date: 2020-01-04 02:28:05.217
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.

Date: 2020-01-04 02:28:04.952
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.

Date: 2020-01-04 02:28:04.687
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.

Date: 2020-01-04 02:28:04.421
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.

Date: 2020-01-04 02:28:04.141
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.

Date: 2020-01-04 02:28:02.830
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2020-01-04 02:28:02.565
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: Acer v0.3506 07/22/2008
Motherboard: Acer, Inc. Mammoth
Processor: Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz
Percentage of memory in use: 63%
Total physical RAM: 3065.94 MB
Available physical RAM: 1117.51 MB
Total Virtual: 6332.9 MB
Available Virtual: 4120.18 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:144.04 GB) (Free:99.83 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:144.04 GB) (Free:72.08 GB) NTFS

\\?\Volume{c749201a-1cd6-11e9-888f-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:10 GB) (Free:1.41 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 13AEAEC9)
Partition 1: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=144 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=144 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: Kontrola logu - využití CPU 100%

Napsal: 10 led 2020 07:55
od JaRon
citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>

Kód: Vybrat vše

Start
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
(Realtek Semiconductor Corp.) [File not signed] C:\Users\M\AppData\Local\Temp\RtkBtMnt.exe
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

EmptyTemp:
Reboot:
End
•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

:arrow: Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

:arrow: Restart PC a dejte mi sem fixlog.txt

Re: Kontrola logu - využití CPU 100%

Napsal: 11 led 2020 16:43
od flustr
Provedeno,

Fixlog:

Fix result of Farbar Recovery Scan Tool (x86) Version: 08-01-2020
Ran by M (11-01-2020 16:42:59) Run:3
Running from C:\Users\M\Desktop
Loaded Profiles: M (Available Profiles: M)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
(Realtek Semiconductor Corp.) [File not signed] C:\Users\M\AppData\Local\Temp\RtkBtMnt.exe
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

EmptyTemp:
Reboot:
End
*****************


========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 26
Average :
Sum : 191582878
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========

[3160] C:\Users\M\AppData\Local\Temp\RtkBtMnt.exe => process closed successfully.
HKLM\System\CurrentControlSet\Services\MBAMSwissArmy => removed successfully.
MBAMSwissArmy => service removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5613338 B
Java, Flash, Steam htmlcache => 405 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 67944799 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66228 B
LocalService => 132456 B
NetworkService => 132456 B
M => 3189640 B

RecycleBin => 3132990 B
EmptyTemp: => 84.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:43:13 ====

Re: Kontrola logu - využití CPU 100%

Napsal: 11 led 2020 17:16
od JaRon
Ja tam uz nevidin ziadne problemy

Re: Kontrola logu - využití CPU 100%

Napsal: 11 led 2020 18:07
od flustr
Problémy s využitím CPU stále přetrvávají.

např při využití pouze int. prohlížeče:

Re: Kontrola logu - využití CPU 100%

Napsal: 11 led 2020 18:08
od flustr
Při spuštění jednoduché hry (po vypnutí využití padá):
Ale pak to stejně opět vyskočí na 45 procent i při nespuštění jakéhokoli programu.

Re: Kontrola logu - využití CPU 100%

Napsal: 11 led 2020 21:19
od JaRon
Mozes skusit prescanovat s MBAR, nie s MBAM

Re: Kontrola logu - využití CPU 100%

Napsal: 11 led 2020 23:32
od flustr
Scan jsem provedl, ale MBAR nic nenašel...

Měl bych systém zcela přeinstalovat s tím, že nainstalovat novější protože Vista je již dlouho mrtvá, nebo vás napadá ještě nějaký pokus?

Popřípadě nemohl by to být hardware problém? Dá se to nějak prověřit?

děkuji
M.
Všechny časy jsou v UTC+01:00
Stránka 3 z 4

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz