Zpomalený počítač - prosím o kontrolu logu
Napsal: 26 pro 2017 09:09
Zpomalil se mi počítač, prosím o kontrolu logu
Děkuji
Logfile of random's system information tool 1.10 (written by random/random)
Run by Libor at 2017-12-26 09:06:05
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 187 GB (40%) free of 469 GB
Total RAM: 2013 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:06:13, on 26.12.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18858)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Libor\Downloads\RSIT (1).exe
C:\Program Files\trend micro\Libor.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE07DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [StatusAlerts] "C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
O4 - HKLM\..\Run: [iSkysoft Helper Compact.exe] C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: SluĹľba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: SluĹľba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files\HP\HPBDSService\HPBDSService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: PDF Architect Helper Service - pdfforge GbR - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GbR - C:\Program Files\PDF Architect\ConversionService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
--
End of file - 7145 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\9aif3cru.default
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 28.0.0.126 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_28_0_0_126.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2017-09-05 720168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22 755392]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-10 136216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-10 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-10 170520]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-07-07 10754664]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1002984]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"StatusAlerts"=C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe [2013-04-18 313656]
"iSkysoft Helper Compact.exe"=C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2016-10-08 2138272]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2016-08-26 6868696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-07-29 228864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=i420vfw.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.yv12"=yv12vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2017-12-13 07:13:24 ----A---- C:\Windows\system32\mshtml.dll
2017-12-13 07:13:20 ----A---- C:\Windows\system32\jscript9.dll
2017-12-13 07:13:20 ----A---- C:\Windows\system32\ieframe.dll
2017-12-13 07:13:19 ----A---- C:\Windows\system32\vbscript.dll
2017-12-13 07:13:19 ----A---- C:\Windows\system32\urlmon.dll
2017-12-13 07:13:19 ----A---- C:\Windows\system32\rtm.dll
2017-12-13 07:13:19 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-12-13 07:13:19 ----A---- C:\Windows\system32\msfeeds.dll
2017-12-13 07:13:19 ----A---- C:\Windows\system32\mprdim.dll
2017-12-13 07:13:19 ----A---- C:\Windows\system32\jscript.dll
2017-12-13 07:13:19 ----A---- C:\Windows\system32\itss.dll
2017-12-13 07:13:19 ----A---- C:\Windows\system32\itircl.dll
2017-12-13 07:13:19 ----A---- C:\Windows\system32\iprtrmgr.dll
2017-12-13 07:13:19 ----A---- C:\Windows\system32\iedkcs32.dll
2017-12-13 07:13:19 ----A---- C:\Windows\system32\gpedit.dll
2017-12-13 07:13:19 ----A---- C:\Windows\system32\drivers\rdbss.sys
2017-12-13 07:13:18 ----A---- C:\Windows\system32\wininet.dll
2017-12-13 07:13:18 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-12-13 07:13:18 ----A---- C:\Windows\system32\iprtprio.dll
2017-12-13 07:13:18 ----A---- C:\Windows\system32\iertutil.dll
2017-12-13 07:13:17 ----A---- C:\Windows\system32\webcheck.dll
2017-12-13 07:13:17 ----A---- C:\Windows\system32\ieui.dll
2017-12-13 07:13:16 ----A---- C:\Windows\system32\occache.dll
2017-12-13 07:13:16 ----A---- C:\Windows\system32\jscript9diag.dll
2017-12-13 07:13:16 ----A---- C:\Windows\system32\ieapfltr.dll
2017-12-13 07:13:15 ----A---- C:\Windows\system32\msrating.dll
2017-12-13 07:13:15 ----A---- C:\Windows\system32\jsproxy.dll
2017-12-13 07:13:15 ----A---- C:\Windows\system32\ieUnatt.exe
2017-12-13 07:13:15 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-12-13 07:13:14 ----A---- C:\Windows\system32\mshtmled.dll
2017-12-13 07:13:14 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-12-13 07:13:14 ----A---- C:\Windows\system32\inseng.dll
2017-12-13 07:13:14 ----A---- C:\Windows\system32\ie4uinit.exe
2017-12-13 07:13:14 ----A---- C:\Windows\system32\dxtrans.dll
2017-12-13 07:13:14 ----A---- C:\Windows\system32\dxtmsft.dll
2017-12-13 07:13:13 ----A---- C:\Windows\system32\tzres.dll
2017-12-13 07:13:13 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-12-13 07:13:13 ----A---- C:\Windows\system32\iesetup.dll
2017-12-13 07:13:13 ----A---- C:\Windows\system32\iernonce.dll
2017-12-13 07:13:13 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-12-13 07:13:12 ----A---- C:\Windows\system32\ieetwcollectorres.dll
======List of files/folders modified in the last 1 month======
2017-12-26 09:06:14 ----D---- C:\Windows\Prefetch
2017-12-26 09:06:07 ----D---- C:\Program Files\trend micro
2017-12-26 09:05:58 ----D---- C:\Windows\Temp
2017-12-26 09:03:09 ----D---- C:\FRST
2017-12-26 08:59:51 ----D---- C:\Windows
2017-12-26 08:58:12 ----D---- C:\Windows\inf
2017-12-26 07:58:12 ----D---- C:\Windows\system32\config
2017-12-26 03:21:52 ----D---- C:\Users\Libor\AppData\Roaming\vlc
2017-12-25 20:47:12 ----D---- C:\Windows\System32
2017-12-25 20:47:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-12-25 08:13:25 ----SHD---- C:\System Volume Information
2017-12-14 09:41:53 ----D---- C:\Windows\rescache
2017-12-14 09:16:39 ----D---- C:\Windows\debug
2017-12-14 07:29:17 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2017-12-14 07:29:13 ----D---- C:\Windows\system32\Macromed
2017-12-14 07:13:05 ----D---- C:\Windows\winsxs
2017-12-14 07:10:28 ----D---- C:\Program Files\Internet Explorer
2017-12-14 07:10:27 ----D---- C:\Windows\system32\cs-CZ
2017-12-14 07:10:26 ----D---- C:\Windows\system32\Setup
2017-12-14 07:10:26 ----D---- C:\Windows\system32\en-US
2017-12-14 07:10:23 ----D---- C:\Windows\system32\drivers
2017-12-13 09:41:34 ----D---- C:\Windows\system32\MRT
2017-12-13 09:37:30 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2017-12-13 09:37:18 ----AC---- C:\Windows\system32\MRT.exe
2017-12-13 09:35:38 ----SHD---- C:\Windows\Installer
2017-12-13 09:35:34 ----D---- C:\ProgramData\Microsoft Help
2017-12-13 07:04:58 ----D---- C:\Windows\system32\catroot2
2017-12-07 21:51:22 ----D---- C:\Windows\SoftwareDistribution
2017-12-06 08:04:38 ----D---- C:\Program Files\Mozilla Firefox
2017-12-04 15:13:48 ----D---- C:\Program Files\TeamViewer
2017-12-01 06:36:11 ----D---- C:\Windows\system32\catroot
2017-11-30 21:59:01 ----D---- C:\Users\Libor\AppData\Roaming\Mozilla
2017-11-30 21:52:30 ----D---- C:\Program Files\MyDrive Connect
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 252808]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2009-09-23 55040]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2009-09-23 294912]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-07-29 9023488]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-07-07 3531176]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x86.sys [2011-08-11 88176]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-07-26 41752]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-13 6504]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 105696]
R3 usbscan;OvladaÄŤ skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2009-09-23 165376]
R3 vpcusb;SluĹľba konektoru virtualizace rozhranĂ USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2009-09-23 78336]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]
S3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2008-07-26 627864]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2011-08-17 137472]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2011-08-17 8576]
S3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys [2008-07-26 13848]
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2008-07-26 2570520]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 15872]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
R2 ClickToRunSvc;SluĹľba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2017-09-05 2054384]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 HP DS Service;HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [2011-10-17 13824]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 103696]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [2013-01-09 1324104]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [2013-01-09 795208]
R2 TeamViewer;TeamViewer 10; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2015-02-17 5436176]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 280864]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 gupdate;SluĹľba Aktualizace Google (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 HP LaserJet Service;HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [2012-12-04 174592]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-14 272384]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;SluĹľba Aktualizace Google (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2016-10-01 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-11-07 104960]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-10-03 159960]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2013-08-20 4846168]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-02 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-04-21 47224]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
-----------------EOF-----------------
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-12-2017 01
Ran by Libor (administrator) on LIBOR-PC (26-12-2017 08:59:51)
Running from C:\Users\Libor\Downloads
Loaded Profiles: Libor (Available Profiles: Libor)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Hewlett-Packard Company) C:\Program Files\HP\HPBDSService\HPBDSService.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
() C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10754664 2011-07-07] (Realtek Semiconductor)
HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1002984 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [StatusAlerts] => C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-04-18] (Hewlett-Packard Company)
HKLM\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (iSkySoft)
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6868696 2016-08-26] (Piriform Ltd)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 185.18.30.142 8.8.8.8
Tcpip\..\Interfaces\{E0BC94DA-EACE-47BA-B7D7-A46A2E95D57E}: [DhcpNameServer] 185.18.30.142 8.8.8.8
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-726496295-2317986126-1619368687-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-726496295-2317986126-1619368687-1000 -> {B11F5F4A-5285-4795-906C-0CF4761EA898} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-726496295-2317986126-1619368687-1000 -> {E3472CF2-F332-4A9F-B906-F879FD3EC370} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2017-09-05] (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 9aif3cru.default
FF ProfilePath: C:\Users\Libor\AppData\Roaming\TomTom\HOME\Profiles\fl7b3mle.default [2016-10-02]
FF Extension: (No Name) - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\9aif3cru.default [2017-12-26]
FF Homepage: Mozilla\Firefox\Profiles\9aif3cru.default -> hxxps://www.seznam.cz/
FF NewTabOverride: Mozilla\Firefox\Profiles\9aif3cru.default -> Enabled: "id":"{ea614400-e918-4741-9a97-7a972ff7c30b
FF Extension: (Adblock Plus) - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\9aif3cru.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-29]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\9aif3cru.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-11-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-09-14] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR NewTab: Default -> Not-active:"chrome-extension://blmojkbhnkkphngknkmgccmlenfaelkd/speeddial/html/newTab.html"
CHR Profile: C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default [2017-12-26]
CHR Extension: (Dokumenty) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-21]
CHR Extension: (Seznam pro Chrome - Email) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-12-20]
CHR Extension: (Seznam pro Chrome - Esko-) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-12-20]
CHR Extension: (YouTube) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-21]
CHR Extension: (Vyhledávání Google) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-16]
CHR Extension: (AdBlock) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-12-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Gmail) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-05]
CHR Extension: (Chrome Media Router) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-13]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-726496295-2317986126-1619368687-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-726496295-2317986126-1619368687-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-726496295-2317986126-1619368687-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2054384 2017-09-05] (Microsoft Corporation)
R2 HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
S2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [103696 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280864 2016-11-14] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [252808 2016-08-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] ()
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13848 2008-07-26] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [15872 2013-02-12] (Microsoft Corporation)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [165376 2009-09-23] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [55040 2009-09-23] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2009-09-23] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [294912 2009-09-23] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-12-26 08:59 - 2017-12-26 09:00 - 000013520 _____ C:\Users\Libor\Downloads\FRST.txt
2017-12-26 08:59 - 2017-12-26 08:59 - 001752576 _____ (Farbar) C:\Users\Libor\Downloads\FRST.exe
2017-12-19 08:45 - 2017-12-19 08:45 - 000223849 _____ C:\Users\Libor\Downloads\výpis z karty.pdf
2017-12-13 08:44 - 2017-12-13 08:44 - 000088519 _____ C:\Users\Libor\Downloads\POLEDNÍ-MENU-5-1.pdf
2017-12-13 07:13 - 2017-11-15 01:36 - 000347336 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-12-13 07:13 - 2017-11-14 02:37 - 013679616 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-12-13 07:13 - 2017-11-14 02:15 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-12-13 07:13 - 2017-11-14 02:15 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-12-13 07:13 - 2017-11-14 02:15 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-12-13 07:13 - 2017-11-14 02:10 - 020269056 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-12-13 07:13 - 2017-11-14 01:32 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-12-13 07:13 - 2017-11-14 01:31 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-12-13 07:13 - 2017-11-07 21:56 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-12-13 07:13 - 2017-11-07 21:56 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-12-13 07:13 - 2017-11-07 21:46 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-12-13 07:13 - 2017-11-07 21:46 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-12-13 07:13 - 2017-11-07 21:46 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-12-13 07:13 - 2017-11-07 21:44 - 002293760 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-12-13 07:13 - 2017-11-07 21:41 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-12-13 07:13 - 2017-11-07 21:41 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-12-13 07:13 - 2017-11-07 21:40 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-12-13 07:13 - 2017-11-07 21:39 - 000662016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-12-13 07:13 - 2017-11-07 21:39 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-12-13 07:13 - 2017-11-07 21:38 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-12-13 07:13 - 2017-11-07 21:38 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-12-13 07:13 - 2017-11-07 21:35 - 000667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-12-13 07:13 - 2017-11-07 21:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-12-13 07:13 - 2017-11-07 21:28 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-12-13 07:13 - 2017-11-07 21:28 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-12-13 07:13 - 2017-11-07 21:27 - 004509696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-12-13 07:13 - 2017-11-07 21:26 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-12-13 07:13 - 2017-11-07 21:24 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-12-13 07:13 - 2017-11-07 21:19 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-12-13 07:13 - 2017-11-07 21:18 - 000694272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-12-13 07:13 - 2017-11-07 21:18 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-12-13 07:13 - 2017-11-07 21:17 - 002058752 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-12-13 07:13 - 2017-11-07 21:17 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-12-13 07:13 - 2017-11-07 21:04 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-12-13 07:13 - 2017-11-07 21:01 - 001313280 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-12-13 07:13 - 2017-11-07 20:58 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-12-13 07:13 - 2017-11-07 17:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-12-13 07:13 - 2017-11-04 16:10 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2017-12-13 07:13 - 2017-11-04 16:10 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2017-12-13 07:13 - 2017-11-02 16:11 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2017-12-13 07:13 - 2017-11-02 16:11 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2017-12-13 07:13 - 2017-11-02 16:11 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2017-12-13 07:13 - 2017-11-02 15:56 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2017-12-13 07:13 - 2017-10-16 23:46 - 000953344 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2017-12-13 07:13 - 2017-10-12 01:14 - 000247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2017-12-08 09:33 - 2017-12-08 09:33 - 000088924 _____ C:\Users\Libor\Downloads\POLEDNÍ MENU 5.pdf
2017-12-05 09:17 - 2017-12-05 09:32 - 290810244 _____ C:\Users\Libor\Downloads\Petr Kalandra - Petr Kalandra & ASPM 1982 - 1990 (2010).7z
2017-12-01 13:31 - 2017-12-04 16:24 - 000000000 ____D C:\Users\Libor\Desktop\vánoční písně
2017-11-30 22:20 - 2017-11-30 22:21 - 068046056 _____ (TomTom International B.V.) C:\Users\Libor\Downloads\InstallMyDriveConnect.exe
2017-11-29 12:35 - 2017-11-29 12:48 - 000000000 ____D C:\Users\Libor\Desktop\svatba výběr
2017-11-29 08:14 - 2017-11-29 08:14 - 000497360 _____ C:\Users\Libor\Downloads\Nepotvrzeno 442143.crdownload
2017-11-29 08:08 - 2017-11-29 08:14 - 009499260 _____ C:\Users\Libor\Downloads\Nepotvrzeno 347807.crdownload
2017-11-26 09:10 - 2017-11-26 09:13 - 000000000 ____D C:\Users\Libor\Documents\Foto výstava modelů
2017-11-26 09:10 - 2017-11-26 09:13 - 000000000 ____D C:\Users\Libor\Desktop\Foto výstava modelů
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-12-26 08:59 - 2017-03-18 13:11 - 000000000 ____D C:\FRST
2017-12-26 08:58 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2017-12-26 08:33 - 2012-01-14 12:36 - 000000000 ____D C:\Users\Libor\AppData\Local\ElevatedDiagnostics
2017-12-26 07:55 - 2009-07-14 05:34 - 000024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-12-26 07:55 - 2009-07-14 05:34 - 000024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-12-26 07:43 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-26 03:21 - 2015-08-23 09:28 - 000000000 ____D C:\Users\Libor\AppData\Roaming\vlc
2017-12-26 02:39 - 2016-10-04 22:11 - 000025451 ____H C:\Users\Libor\Documents\Charakteristika.odt
2017-12-26 02:05 - 2017-04-07 20:34 - 000007680 _____ C:\Users\Libor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-12-25 20:47 - 2010-11-21 02:16 - 000673616 _____ C:\Windows\system32\perfh005.dat
2017-12-25 20:47 - 2010-11-21 02:16 - 000143168 _____ C:\Windows\system32\perfc005.dat
2017-12-25 20:47 - 2010-11-20 22:01 - 001592614 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-14 09:41 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\rescache
2017-12-14 07:29 - 2012-08-31 06:13 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-12-14 07:29 - 2012-01-11 11:16 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-12-14 07:29 - 2012-01-11 10:16 - 000000000 ____D C:\Windows\system32\Macromed
2017-12-14 07:10 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\Setup
2017-12-13 09:41 - 2013-08-14 20:37 - 000000000 ____D C:\Windows\system32\MRT
2017-12-13 09:37 - 2017-10-11 02:02 - 130448288 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-12-13 09:37 - 2012-01-02 10:51 - 130448288 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-12-12 06:53 - 2012-12-23 15:42 - 000002107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-11 22:10 - 2012-01-29 16:55 - 000010240 _____ C:\Users\Libor\Documents\Sporožiro.xls
2017-12-10 20:50 - 2016-11-22 06:02 - 000000000 ____D C:\Users\Libor\AppData\LocalLow\Mozilla
2017-12-10 13:26 - 2012-01-17 10:38 - 000000000 ____D C:\Users\Libor\Documents\Texty Lohonka
2017-12-09 09:08 - 2009-07-14 05:53 - 000032624 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-12-06 08:04 - 2017-04-28 16:54 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-12-05 09:35 - 2017-07-02 20:52 - 000000000 ____D C:\Users\Libor\Documents\CD z netu
2017-12-04 15:13 - 2015-03-17 08:10 - 000000000 ____D C:\Program Files\TeamViewer
2017-12-02 15:06 - 2016-10-06 21:20 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-30 22:21 - 2016-06-18 11:59 - 000000942 _____ C:\Users\Public\Desktop\TomTom MyDrive Connect.lnk
2017-11-30 21:59 - 2016-10-04 20:26 - 000000000 ____D C:\Users\Libor\AppData\Roaming\Mozilla
2017-11-30 21:52 - 2015-05-30 10:17 - 000000000 ____D C:\Program Files\MyDrive Connect
==================== Files in the root of some directories =======
2012-01-16 10:22 - 2007-08-18 09:28 - 004316160 _____ (Gabest) C:\Program Files\mplayerc.exe
2017-04-07 20:34 - 2017-12-26 02:05 - 000007680 _____ () C:\Users\Libor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-12-19 09:26
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-12-2017 01
Ran by Libor (26-12-2017 09:01:46)
Running from C:\Users\Libor\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2012-01-02 09:31:23)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-726496295-2317986126-1619368687-500 - Administrator - Disabled)
Guest (S-1-5-21-726496295-2317986126-1619368687-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-726496295-2317986126-1619368687-1002 - Limited - Enabled)
Libor (S-1-5-21-726496295-2317986126-1619368687-1000 - Administrator - Enabled) => C:\Users\Libor
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adblock Plus for IE (32-bit) (HKLM\...\{CBECBAA4-A9A1-48B6-88DC-5D5E800B0E52}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Any Video Converter 5.8.2 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Canon ScanGear Starter (HKLM\...\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
CDA Converter Plus (HKLM\...\CDA Converter Plus) (Version: 3.2 - audio2convert.com)
CrystalDiskInfo 7.0.3 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.0.3 - Crystal Dew World)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Google Chrome (HKLM\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP LaserJet Pro MFP M125-M126 (HKLM\...\{c65448bc-e467-4ec7-b4a5-246697f52957}) (Version: 8.0.14087.1054 - Hewlett-Packard)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.002.004 - Hewlett-Packard)
hpbDSService (HKLM\...\{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}) (Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM126DSService (HKLM\...\{9A0C3AE6-A6C3-46C4-95A5-E3745CCE3D57}) (Version: 001.001.08254 - Hewlett-Packard) Hidden
HPDXP (HKLM\...\{0BFDA228-F4D0-42C0-90B2-8C47F147AEB1}) (Version: 3.0.26.59 - HP) Hidden
HPLJDXPHelper (HKLM\...\{5E4DD8C2-A906-4F1B-94B6-4F6A51D625B2}) (Version: 060.048.005 - HP) Hidden
HPLJProMFPM125M126 (HKLM\...\{B2894225-82C7-4006-B243-6272589993B2}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (HKLM\...\{30DD7187-F392-4D83-8AED-D9A2DC64EF15}) (Version: 008.000.0001 - HP) Hidden
HPLJUTM125_126 (HKLM\...\{9E7CB788-5C1F-4A18-95AA-8F4B1618A80C}) (Version: 008.000.0001 - HP) Hidden
hppLaserJetService (HKLM\...\{178F0383-A2F1-427C-9881-6EACB8728C76}) (Version: 009.033.00905 - Hewlett-Packard) Hidden
hppM125LaserJetService (HKLM\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM\...\{6470E292-3B55-41DC-B5EB-91C34C5ACB5D}) (Version: 080.040.00171 - Hewlett Packard) Hidden
hpStatusAlertsM125-M126 (HKLM\...\{581A9CCB-1AD7-4BB4-A698-590305F773FB}) (Version: 080.046.00113 - Hewlett-Packard) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LibreOffice 4.1.1.2 (HKLM\...\{F1EE568A-171F-4C06-9BE6-2395BED067A3}) (Version: 4.1.1.2 - The Document Foundation)
LJDXPHelperUI (HKLM\...\{EAECD0D7-F27D-4F13-8312-A9C0B5C5F1B7}) (Version: 060.048.005 - HP) Hidden
Logitech Vid HD (HKLM\...\Logitech Vid) (Version: 7.2 (7259) - Logitech Inc..)
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Mesh Runtime (HKLM\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM\...\{B44F3823-52DD-45CA-A916-8B320778715D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 15.0.4981.1001 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 57.0 (x86 cs) (HKLM\...\Mozilla Firefox 57.0 (x86 cs)) (Version: 57.0 - Mozilla)
MULTIFlight (HKLM\...\MULTIFlight) (Version: - Multiplex Modellsport GmbH & Co.KG)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Office 15 Click-to-Run Extensibility Component (HKLM\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4981.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-007E-0000-0000-0000000FF1CE}) (Version: 15.0.4981.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM\...\{90150000-008C-0405-0000-0000000FF1CE}) (Version: 15.0.4981.1001 - Microsoft Corporation) Hidden
OpenOffice 4.1.2 (HKLM\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Architect (HKLM\...\{80A07844-CA64-4DE4-AB61-D37DDBE8074F}) (Version: 1.0.52.8917 - pdfforge)
PdfConvertor (HKLM\...\PdfConvertor_is1) (Version: - XSoft)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.2 - pdfforge)
Příručka pro síť EPSON XP-202 203 206 Series (HKLM\...\EPSON XP-202 203 206 Series Netg) (Version: - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6410 - Realtek Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\SeznamInstall) (Version: 2.1.15 - Seznam.cz)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sonic Foundry ACID Pro 3.0 (HKLM\...\{F07C83EA-CF0C-44B4-9F1E-C3CD82EBA538}) (Version: 3.0.189 - Sonic Foundry)
Sonic Foundry ACID Pro 3.0 Crack (HKLM\...\Sonic Foundry ACID Pro 3.0 Crack) (Version: - )
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Steinberg Cubase VST32 (HKLM\...\Steinberg Cubase VST32) (Version: - )
SUPER © v2012.build.51 (April 7, 2012) verze v2012.build.51 (HKLM\...\{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1) (Version: v2012.build.51 - eRightSoft)
SUPER © v2013.build.59+Recorder (2013/12/18) verze v2013.build. (HKLM\...\{8E2A18E2-96AF-4DF9-8459-5C06B75139A4}_is1) (Version: v2013.build.59+Recorder - eRightSoft)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TomTom MyDrive Connect 4.1.6.3253 (HKLM\...\MyDriveConnect) (Version: 4.1.6.3253 - TomTom)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DA}) (Version: 17.5.10480 - WinZip Computing, S.L. )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-726496295-2317986126-1619368687-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Libor\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726496295-2317986126-1619368687-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Libor\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726496295-2317986126-1619368687-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Libor\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726496295-2317986126-1619368687-1000_Classes\CLSID\{D4492C8D-967E-0F91-5BF1-57D6197E1208}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726496295-2317986126-1619368687-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Libor\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726496295-2317986126-1619368687-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Libor\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\FileSyncApi.dll (Microsoft Corporation)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1: [PDFArchitectExtension] -> {DBDB3433-0E01-40CE-A026-D9F54FAC3CA9} => C:\Program Files\PDF Architect\ContextMenuExt.dll [2013-01-09] (pdfforge GbR)
ContextMenuHandlers1: [TVCShellExt] -> {4E33A7F5-8083-4C08-9D45-C5CED88F5C04} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2013-06-06] (WinZip Computing, S.L.)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2013-06-06] (WinZip Computing, S.L.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-07-29] (Intel Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2013-06-06] (WinZip Computing, S.L.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {30A681F2-248E-4AEC-97DE-B44C94467DD9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd)
Task: {59EB5E1C-CD37-46D3-9710-1D5A71602C8E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2017-09-05] (Microsoft Corporation)
Task: {705AF9D9-D328-4EF8-AD3D-B3532AFB78FF} - System32\Tasks\{96567AE1-679E-4B32-AB18-866DD4813B74} => C:\Program Files\Mozilla Firefox\firefox.exe
Task: {833455CE-557E-41F7-AFDD-3D7558D2ABAD} - System32\Tasks\HPLJCustParticipation => C:\Program Files\HP\HPLJUT\HPLJUTSCH.exe [2013-01-28] (Hewlett Packard)
Task: {9F2A5820-A83A-495E-987D-9EF66D8EF7B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {B67764DD-9976-47F3-9BDB-635E3F92AC2D} - System32\Tasks\{C81A586E-6EC6-4539-9F39-8981804DCB3B} => C:\Windows\system32\pcalua.exe -a C:\Users\Libor\Downloads\jxpiinstall(1).exe -d C:\Users\Libor\Downloads
Task: {C14761E8-0D9D-441D-804A-009704C9FFFE} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2017-09-05] (Microsoft Corporation)
Task: {C9E2AC7B-F936-4963-A1AE-83BF2248170B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {E62981C1-CD02-4AB3-A1AB-83D90DD94A1B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2017-09-05] (Microsoft Corporation)
Task: {F333B598-D2FD-4551-BEA8-6F17A3FDB198} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-14] (Adobe Systems Incorporated)
Task: {F5103B7A-60DA-4F57-B276-4894FE67DC02} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2014-03-19 08:39 - 2017-01-17 02:17 - 000090304 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll
2009-10-14 13:36 - 2009-10-14 13:36 - 002793304 _____ () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
2014-04-14 20:41 - 2014-04-14 20:41 - 000039192 _____ () C:\Program Files\CCleaner\branding.dll
2016-08-26 19:25 - 2016-08-26 19:25 - 000061440 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2009-10-14 13:34 - 2009-10-14 13:34 - 000560472 _____ () C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
2017-12-12 06:53 - 2017-12-06 04:48 - 003062104 _____ () C:\Program Files\Google\Chrome\Application\63.0.3239.84\libglesv2.dll
2017-12-12 06:53 - 2017-12-06 04:48 - 000085848 _____ () C:\Program Files\Google\Chrome\Application\63.0.3239.84\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2016-10-12 21:51 - 000000050 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Libor\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 185.18.30.142 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{50774DFC-4F60-4DC9-A5CF-E81B6724719C}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{9EAD24A6-93E5-4406-B7D5-744567CD16CC}] => (Allow) LPort=2869
FirewallRules: [{5E8B0702-07AB-4AF2-AFF8-ABE0B581BF0F}] => (Allow) LPort=1900
FirewallRules: [{F9ACF031-C9A1-4F9D-B0C8-8AF3132EE8E1}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{A0242DB3-05A2-43A6-9035-CFA63EDC7BC9}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [{D9D8ED57-C490-44A7-9463-49C34BC364E4}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{37CD3B0F-7629-4BDF-8A4E-D4D1F4C33296}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{9C7128CC-F83B-44B3-BEA6-C6CDC157B698}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{274897D9-567F-4FC2-970A-F13A72E8977D}] => (Allow) C:\Users\Libor\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [TCP Query User{831B9F3F-AA85-4555-86E2-B0045E4544DE}C:\program files\libreoffice 4\program\soffice.bin] => (Allow) C:\program files\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{479B7019-74B2-42F6-8BBE-DA8931F95C58}C:\program files\libreoffice 4\program\soffice.bin] => (Allow) C:\program files\libreoffice 4\program\soffice.bin
FirewallRules: [{2D15419A-59D9-4674-BB9E-1C16AC5E5E28}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{523603F9-F2EF-4B10-A723-E4FA0C0367D9}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{B99D817B-9599-4544-88B9-042BA100EDCE}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{4A8527CB-18DB-4B66-AE2A-8A9FB621F9A2}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{47B30FE5-392A-44FC-86B1-35EB737866DA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{00A70864-D01C-4DA2-A43C-5247E417317E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1DD47B50-5904-4A87-AFF7-5BA3AEC8F641}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9348A714-F1AC-4DCA-8464-C5040A26261E}] => (Allow) C:\HP_LaserJet_Pro_MFP_M125-M126\Installer\hpbcsiInstaller.exe
FirewallRules: [{1B9CE597-2BAA-4239-A4C1-B5B6509DD6CB}] => (Allow) C:\HP_LaserJet_Pro_MFP_M125-M126\Installer\hpbcsiInstaller.exe
FirewallRules: [{5A11DBE9-5644-4805-A22E-B1EE301F89C6}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M125-M126\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{A1C04533-D79C-4022-8A2F-419EFA155E3F}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M125-M126\bin\EWSProxy.exe
FirewallRules: [{384AC947-EB8A-4873-B16F-625D0FD05D28}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{69811F97-B839-45C5-B767-813D74A280AC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3D63B119-B932-4A4F-9974-771FC6F4049B}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe
FirewallRules: [{3A88BE42-F411-4C69-8941-0B5BED50CAA4}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe
FirewallRules: [{3F54FDBB-CBA1-4EC2-A957-59BF82D942D3}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe
FirewallRules: [{43FD0BD6-F7BF-4D95-891A-F820EEC87FB5}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe
FirewallRules: [{56008E3A-F250-4410-8107-4195DA959878}] => (Allow) C:\Program Files\MyDrive Connect\TomTom MyDrive Connect.exe
FirewallRules: [{E0B70BBC-5108-4A29-93BD-15959D59485B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
07-12-2017 23:27:29 Windows Update
11-12-2017 07:49:25 Windows Update
13-12-2017 09:34:39 Windows Update
17-12-2017 09:35:15 Windows Update
21-12-2017 08:18:46 Windows Update
25-12-2017 08:12:56 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/26/2017 08:31:23 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program HPStatusAlerts.exe verze 70.40.169.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: ee0
Čas spuštění: 01d37e14fb6d7765
Čas ukončení: 44
Cesta k aplikaci: C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe
ID hlášení: c2b8cabc-ea0e-11e7-8fe6-5404a6627f89
Error: (12/26/2017 07:57:54 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/26/2017 07:44:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/25/2017 05:35:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/25/2017 09:19:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/25/2017 08:11:43 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/25/2017 08:01:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/24/2017 09:56:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/24/2017 05:21:11 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/24/2017 05:11:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
Error: (12/26/2017 08:31:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP LaserJet Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/19/2017 10:38:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (12/19/2017 10:38:28 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-1073473535, specifickou pro službu.
Error: (12/17/2017 12:22:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/17/2017 09:40:28 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.259.429.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Fáze aktualizace: Vyhledat
Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14405.2
Kód chyby: 0x80072ee2
Popis chyby: Operace nebyla v požadované době dokončena.
Error: (12/17/2017 09:40:28 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.259.429.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Fáze aktualizace: Vyhledat
Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14405.2
Kód chyby: 0x80072ee2
Popis chyby: Operace nebyla v požadované době dokončena.
Error: (12/17/2017 09:24:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/17/2017 09:24:27 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Search bylo dosaženo časového limitu (30000 ms).
Error: (12/17/2017 09:24:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/17/2017 09:24:17 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Search bylo dosaženo časového limitu (30000 ms).
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) CPU E3400 @ 2.60GHz
Percentage of memory in use: 60%
Total physical RAM: 2013.12 MB
Available physical RAM: 791.29 MB
Total Virtual: 4026.23 MB
Available Virtual: 2510.67 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:457.94 GB) (Free:182.64 GB) NTFS ==>[drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 6197B7D3)
Partition 1: (Active) - (Size=457.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=7.8 GB) - (Type=27)
==================== End of Addition.txt ============================
Děkuji
Logfile of random's system information tool 1.10 (written by random/random)
Run by Libor at 2017-12-26 09:06:05
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 187 GB (40%) free of 469 GB
Total RAM: 2013 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:06:13, on 26.12.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18858)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Libor\Downloads\RSIT (1).exe
C:\Program Files\trend micro\Libor.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE07DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [StatusAlerts] "C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
O4 - HKLM\..\Run: [iSkysoft Helper Compact.exe] C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: SluĹľba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: SluĹľba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files\HP\HPBDSService\HPBDSService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: PDF Architect Helper Service - pdfforge GbR - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GbR - C:\Program Files\PDF Architect\ConversionService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
--
End of file - 7145 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\9aif3cru.default
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 28.0.0.126 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_28_0_0_126.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2017-09-05 720168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22 755392]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-10 136216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-10 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-10 170520]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-07-07 10754664]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1002984]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"StatusAlerts"=C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe [2013-04-18 313656]
"iSkysoft Helper Compact.exe"=C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2016-10-08 2138272]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2016-08-26 6868696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-07-29 228864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=i420vfw.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.yv12"=yv12vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2017-12-13 07:13:24 ----A---- C:\Windows\system32\mshtml.dll
2017-12-13 07:13:20 ----A---- C:\Windows\system32\jscript9.dll
2017-12-13 07:13:20 ----A---- C:\Windows\system32\ieframe.dll
2017-12-13 07:13:19 ----A---- C:\Windows\system32\vbscript.dll
2017-12-13 07:13:19 ----A---- C:\Windows\system32\urlmon.dll
2017-12-13 07:13:19 ----A---- C:\Windows\system32\rtm.dll
2017-12-13 07:13:19 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-12-13 07:13:19 ----A---- C:\Windows\system32\msfeeds.dll
2017-12-13 07:13:19 ----A---- C:\Windows\system32\mprdim.dll
2017-12-13 07:13:19 ----A---- C:\Windows\system32\jscript.dll
2017-12-13 07:13:19 ----A---- C:\Windows\system32\itss.dll
2017-12-13 07:13:19 ----A---- C:\Windows\system32\itircl.dll
2017-12-13 07:13:19 ----A---- C:\Windows\system32\iprtrmgr.dll
2017-12-13 07:13:19 ----A---- C:\Windows\system32\iedkcs32.dll
2017-12-13 07:13:19 ----A---- C:\Windows\system32\gpedit.dll
2017-12-13 07:13:19 ----A---- C:\Windows\system32\drivers\rdbss.sys
2017-12-13 07:13:18 ----A---- C:\Windows\system32\wininet.dll
2017-12-13 07:13:18 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-12-13 07:13:18 ----A---- C:\Windows\system32\iprtprio.dll
2017-12-13 07:13:18 ----A---- C:\Windows\system32\iertutil.dll
2017-12-13 07:13:17 ----A---- C:\Windows\system32\webcheck.dll
2017-12-13 07:13:17 ----A---- C:\Windows\system32\ieui.dll
2017-12-13 07:13:16 ----A---- C:\Windows\system32\occache.dll
2017-12-13 07:13:16 ----A---- C:\Windows\system32\jscript9diag.dll
2017-12-13 07:13:16 ----A---- C:\Windows\system32\ieapfltr.dll
2017-12-13 07:13:15 ----A---- C:\Windows\system32\msrating.dll
2017-12-13 07:13:15 ----A---- C:\Windows\system32\jsproxy.dll
2017-12-13 07:13:15 ----A---- C:\Windows\system32\ieUnatt.exe
2017-12-13 07:13:15 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-12-13 07:13:14 ----A---- C:\Windows\system32\mshtmled.dll
2017-12-13 07:13:14 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-12-13 07:13:14 ----A---- C:\Windows\system32\inseng.dll
2017-12-13 07:13:14 ----A---- C:\Windows\system32\ie4uinit.exe
2017-12-13 07:13:14 ----A---- C:\Windows\system32\dxtrans.dll
2017-12-13 07:13:14 ----A---- C:\Windows\system32\dxtmsft.dll
2017-12-13 07:13:13 ----A---- C:\Windows\system32\tzres.dll
2017-12-13 07:13:13 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-12-13 07:13:13 ----A---- C:\Windows\system32\iesetup.dll
2017-12-13 07:13:13 ----A---- C:\Windows\system32\iernonce.dll
2017-12-13 07:13:13 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-12-13 07:13:12 ----A---- C:\Windows\system32\ieetwcollectorres.dll
======List of files/folders modified in the last 1 month======
2017-12-26 09:06:14 ----D---- C:\Windows\Prefetch
2017-12-26 09:06:07 ----D---- C:\Program Files\trend micro
2017-12-26 09:05:58 ----D---- C:\Windows\Temp
2017-12-26 09:03:09 ----D---- C:\FRST
2017-12-26 08:59:51 ----D---- C:\Windows
2017-12-26 08:58:12 ----D---- C:\Windows\inf
2017-12-26 07:58:12 ----D---- C:\Windows\system32\config
2017-12-26 03:21:52 ----D---- C:\Users\Libor\AppData\Roaming\vlc
2017-12-25 20:47:12 ----D---- C:\Windows\System32
2017-12-25 20:47:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-12-25 08:13:25 ----SHD---- C:\System Volume Information
2017-12-14 09:41:53 ----D---- C:\Windows\rescache
2017-12-14 09:16:39 ----D---- C:\Windows\debug
2017-12-14 07:29:17 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2017-12-14 07:29:13 ----D---- C:\Windows\system32\Macromed
2017-12-14 07:13:05 ----D---- C:\Windows\winsxs
2017-12-14 07:10:28 ----D---- C:\Program Files\Internet Explorer
2017-12-14 07:10:27 ----D---- C:\Windows\system32\cs-CZ
2017-12-14 07:10:26 ----D---- C:\Windows\system32\Setup
2017-12-14 07:10:26 ----D---- C:\Windows\system32\en-US
2017-12-14 07:10:23 ----D---- C:\Windows\system32\drivers
2017-12-13 09:41:34 ----D---- C:\Windows\system32\MRT
2017-12-13 09:37:30 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2017-12-13 09:37:18 ----AC---- C:\Windows\system32\MRT.exe
2017-12-13 09:35:38 ----SHD---- C:\Windows\Installer
2017-12-13 09:35:34 ----D---- C:\ProgramData\Microsoft Help
2017-12-13 07:04:58 ----D---- C:\Windows\system32\catroot2
2017-12-07 21:51:22 ----D---- C:\Windows\SoftwareDistribution
2017-12-06 08:04:38 ----D---- C:\Program Files\Mozilla Firefox
2017-12-04 15:13:48 ----D---- C:\Program Files\TeamViewer
2017-12-01 06:36:11 ----D---- C:\Windows\system32\catroot
2017-11-30 21:59:01 ----D---- C:\Users\Libor\AppData\Roaming\Mozilla
2017-11-30 21:52:30 ----D---- C:\Program Files\MyDrive Connect
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 252808]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2009-09-23 55040]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2009-09-23 294912]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-07-29 9023488]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-07-07 3531176]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x86.sys [2011-08-11 88176]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-07-26 41752]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-13 6504]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 105696]
R3 usbscan;OvladaÄŤ skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2009-09-23 165376]
R3 vpcusb;SluĹľba konektoru virtualizace rozhranĂ USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2009-09-23 78336]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]
S3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2008-07-26 627864]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2011-08-17 137472]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2011-08-17 8576]
S3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys [2008-07-26 13848]
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2008-07-26 2570520]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 15872]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
R2 ClickToRunSvc;SluĹľba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2017-09-05 2054384]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 HP DS Service;HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [2011-10-17 13824]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 103696]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [2013-01-09 1324104]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [2013-01-09 795208]
R2 TeamViewer;TeamViewer 10; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2015-02-17 5436176]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 280864]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 gupdate;SluĹľba Aktualizace Google (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 HP LaserJet Service;HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [2012-12-04 174592]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-14 272384]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;SluĹľba Aktualizace Google (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2016-10-01 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-11-07 104960]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-10-03 159960]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2013-08-20 4846168]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-02 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-04-21 47224]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
-----------------EOF-----------------
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-12-2017 01
Ran by Libor (administrator) on LIBOR-PC (26-12-2017 08:59:51)
Running from C:\Users\Libor\Downloads
Loaded Profiles: Libor (Available Profiles: Libor)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Hewlett-Packard Company) C:\Program Files\HP\HPBDSService\HPBDSService.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
() C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10754664 2011-07-07] (Realtek Semiconductor)
HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1002984 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [StatusAlerts] => C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-04-18] (Hewlett-Packard Company)
HKLM\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (iSkySoft)
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6868696 2016-08-26] (Piriform Ltd)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 185.18.30.142 8.8.8.8
Tcpip\..\Interfaces\{E0BC94DA-EACE-47BA-B7D7-A46A2E95D57E}: [DhcpNameServer] 185.18.30.142 8.8.8.8
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-726496295-2317986126-1619368687-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-726496295-2317986126-1619368687-1000 -> {B11F5F4A-5285-4795-906C-0CF4761EA898} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-726496295-2317986126-1619368687-1000 -> {E3472CF2-F332-4A9F-B906-F879FD3EC370} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2017-09-05] (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 9aif3cru.default
FF ProfilePath: C:\Users\Libor\AppData\Roaming\TomTom\HOME\Profiles\fl7b3mle.default [2016-10-02]
FF Extension: (No Name) - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\9aif3cru.default [2017-12-26]
FF Homepage: Mozilla\Firefox\Profiles\9aif3cru.default -> hxxps://www.seznam.cz/
FF NewTabOverride: Mozilla\Firefox\Profiles\9aif3cru.default -> Enabled: "id":"{ea614400-e918-4741-9a97-7a972ff7c30b
FF Extension: (Adblock Plus) - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\9aif3cru.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-29]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\9aif3cru.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-11-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-09-14] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR NewTab: Default -> Not-active:"chrome-extension://blmojkbhnkkphngknkmgccmlenfaelkd/speeddial/html/newTab.html"
CHR Profile: C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default [2017-12-26]
CHR Extension: (Dokumenty) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-21]
CHR Extension: (Seznam pro Chrome - Email) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-12-20]
CHR Extension: (Seznam pro Chrome - Esko-) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-12-20]
CHR Extension: (YouTube) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-21]
CHR Extension: (Vyhledávání Google) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-16]
CHR Extension: (AdBlock) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-12-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Gmail) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-05]
CHR Extension: (Chrome Media Router) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-13]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-726496295-2317986126-1619368687-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-726496295-2317986126-1619368687-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-726496295-2317986126-1619368687-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2054384 2017-09-05] (Microsoft Corporation)
R2 HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
S2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [103696 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280864 2016-11-14] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [252808 2016-08-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] ()
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13848 2008-07-26] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [15872 2013-02-12] (Microsoft Corporation)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [165376 2009-09-23] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [55040 2009-09-23] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2009-09-23] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [294912 2009-09-23] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-12-26 08:59 - 2017-12-26 09:00 - 000013520 _____ C:\Users\Libor\Downloads\FRST.txt
2017-12-26 08:59 - 2017-12-26 08:59 - 001752576 _____ (Farbar) C:\Users\Libor\Downloads\FRST.exe
2017-12-19 08:45 - 2017-12-19 08:45 - 000223849 _____ C:\Users\Libor\Downloads\výpis z karty.pdf
2017-12-13 08:44 - 2017-12-13 08:44 - 000088519 _____ C:\Users\Libor\Downloads\POLEDNÍ-MENU-5-1.pdf
2017-12-13 07:13 - 2017-11-15 01:36 - 000347336 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-12-13 07:13 - 2017-11-14 02:37 - 013679616 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-12-13 07:13 - 2017-11-14 02:15 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-12-13 07:13 - 2017-11-14 02:15 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-12-13 07:13 - 2017-11-14 02:15 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-12-13 07:13 - 2017-11-14 02:10 - 020269056 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-12-13 07:13 - 2017-11-14 01:32 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-12-13 07:13 - 2017-11-14 01:31 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-12-13 07:13 - 2017-11-07 21:56 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-12-13 07:13 - 2017-11-07 21:56 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-12-13 07:13 - 2017-11-07 21:46 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-12-13 07:13 - 2017-11-07 21:46 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-12-13 07:13 - 2017-11-07 21:46 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-12-13 07:13 - 2017-11-07 21:44 - 002293760 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-12-13 07:13 - 2017-11-07 21:41 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-12-13 07:13 - 2017-11-07 21:41 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-12-13 07:13 - 2017-11-07 21:40 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-12-13 07:13 - 2017-11-07 21:39 - 000662016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-12-13 07:13 - 2017-11-07 21:39 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-12-13 07:13 - 2017-11-07 21:38 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-12-13 07:13 - 2017-11-07 21:38 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-12-13 07:13 - 2017-11-07 21:35 - 000667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-12-13 07:13 - 2017-11-07 21:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-12-13 07:13 - 2017-11-07 21:28 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-12-13 07:13 - 2017-11-07 21:28 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-12-13 07:13 - 2017-11-07 21:27 - 004509696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-12-13 07:13 - 2017-11-07 21:26 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-12-13 07:13 - 2017-11-07 21:24 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-12-13 07:13 - 2017-11-07 21:19 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-12-13 07:13 - 2017-11-07 21:18 - 000694272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-12-13 07:13 - 2017-11-07 21:18 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-12-13 07:13 - 2017-11-07 21:17 - 002058752 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-12-13 07:13 - 2017-11-07 21:17 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-12-13 07:13 - 2017-11-07 21:04 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-12-13 07:13 - 2017-11-07 21:01 - 001313280 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-12-13 07:13 - 2017-11-07 20:58 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-12-13 07:13 - 2017-11-07 17:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-12-13 07:13 - 2017-11-04 16:10 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2017-12-13 07:13 - 2017-11-04 16:10 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2017-12-13 07:13 - 2017-11-02 16:11 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2017-12-13 07:13 - 2017-11-02 16:11 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2017-12-13 07:13 - 2017-11-02 16:11 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2017-12-13 07:13 - 2017-11-02 15:56 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2017-12-13 07:13 - 2017-10-16 23:46 - 000953344 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2017-12-13 07:13 - 2017-10-12 01:14 - 000247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2017-12-08 09:33 - 2017-12-08 09:33 - 000088924 _____ C:\Users\Libor\Downloads\POLEDNÍ MENU 5.pdf
2017-12-05 09:17 - 2017-12-05 09:32 - 290810244 _____ C:\Users\Libor\Downloads\Petr Kalandra - Petr Kalandra & ASPM 1982 - 1990 (2010).7z
2017-12-01 13:31 - 2017-12-04 16:24 - 000000000 ____D C:\Users\Libor\Desktop\vánoční písně
2017-11-30 22:20 - 2017-11-30 22:21 - 068046056 _____ (TomTom International B.V.) C:\Users\Libor\Downloads\InstallMyDriveConnect.exe
2017-11-29 12:35 - 2017-11-29 12:48 - 000000000 ____D C:\Users\Libor\Desktop\svatba výběr
2017-11-29 08:14 - 2017-11-29 08:14 - 000497360 _____ C:\Users\Libor\Downloads\Nepotvrzeno 442143.crdownload
2017-11-29 08:08 - 2017-11-29 08:14 - 009499260 _____ C:\Users\Libor\Downloads\Nepotvrzeno 347807.crdownload
2017-11-26 09:10 - 2017-11-26 09:13 - 000000000 ____D C:\Users\Libor\Documents\Foto výstava modelů
2017-11-26 09:10 - 2017-11-26 09:13 - 000000000 ____D C:\Users\Libor\Desktop\Foto výstava modelů
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-12-26 08:59 - 2017-03-18 13:11 - 000000000 ____D C:\FRST
2017-12-26 08:58 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2017-12-26 08:33 - 2012-01-14 12:36 - 000000000 ____D C:\Users\Libor\AppData\Local\ElevatedDiagnostics
2017-12-26 07:55 - 2009-07-14 05:34 - 000024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-12-26 07:55 - 2009-07-14 05:34 - 000024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-12-26 07:43 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-26 03:21 - 2015-08-23 09:28 - 000000000 ____D C:\Users\Libor\AppData\Roaming\vlc
2017-12-26 02:39 - 2016-10-04 22:11 - 000025451 ____H C:\Users\Libor\Documents\Charakteristika.odt
2017-12-26 02:05 - 2017-04-07 20:34 - 000007680 _____ C:\Users\Libor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-12-25 20:47 - 2010-11-21 02:16 - 000673616 _____ C:\Windows\system32\perfh005.dat
2017-12-25 20:47 - 2010-11-21 02:16 - 000143168 _____ C:\Windows\system32\perfc005.dat
2017-12-25 20:47 - 2010-11-20 22:01 - 001592614 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-14 09:41 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\rescache
2017-12-14 07:29 - 2012-08-31 06:13 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-12-14 07:29 - 2012-01-11 11:16 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-12-14 07:29 - 2012-01-11 10:16 - 000000000 ____D C:\Windows\system32\Macromed
2017-12-14 07:10 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\Setup
2017-12-13 09:41 - 2013-08-14 20:37 - 000000000 ____D C:\Windows\system32\MRT
2017-12-13 09:37 - 2017-10-11 02:02 - 130448288 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-12-13 09:37 - 2012-01-02 10:51 - 130448288 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-12-12 06:53 - 2012-12-23 15:42 - 000002107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-11 22:10 - 2012-01-29 16:55 - 000010240 _____ C:\Users\Libor\Documents\Sporožiro.xls
2017-12-10 20:50 - 2016-11-22 06:02 - 000000000 ____D C:\Users\Libor\AppData\LocalLow\Mozilla
2017-12-10 13:26 - 2012-01-17 10:38 - 000000000 ____D C:\Users\Libor\Documents\Texty Lohonka
2017-12-09 09:08 - 2009-07-14 05:53 - 000032624 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-12-06 08:04 - 2017-04-28 16:54 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-12-05 09:35 - 2017-07-02 20:52 - 000000000 ____D C:\Users\Libor\Documents\CD z netu
2017-12-04 15:13 - 2015-03-17 08:10 - 000000000 ____D C:\Program Files\TeamViewer
2017-12-02 15:06 - 2016-10-06 21:20 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-30 22:21 - 2016-06-18 11:59 - 000000942 _____ C:\Users\Public\Desktop\TomTom MyDrive Connect.lnk
2017-11-30 21:59 - 2016-10-04 20:26 - 000000000 ____D C:\Users\Libor\AppData\Roaming\Mozilla
2017-11-30 21:52 - 2015-05-30 10:17 - 000000000 ____D C:\Program Files\MyDrive Connect
==================== Files in the root of some directories =======
2012-01-16 10:22 - 2007-08-18 09:28 - 004316160 _____ (Gabest) C:\Program Files\mplayerc.exe
2017-04-07 20:34 - 2017-12-26 02:05 - 000007680 _____ () C:\Users\Libor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-12-19 09:26
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-12-2017 01
Ran by Libor (26-12-2017 09:01:46)
Running from C:\Users\Libor\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2012-01-02 09:31:23)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-726496295-2317986126-1619368687-500 - Administrator - Disabled)
Guest (S-1-5-21-726496295-2317986126-1619368687-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-726496295-2317986126-1619368687-1002 - Limited - Enabled)
Libor (S-1-5-21-726496295-2317986126-1619368687-1000 - Administrator - Enabled) => C:\Users\Libor
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adblock Plus for IE (32-bit) (HKLM\...\{CBECBAA4-A9A1-48B6-88DC-5D5E800B0E52}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Any Video Converter 5.8.2 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Canon ScanGear Starter (HKLM\...\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
CDA Converter Plus (HKLM\...\CDA Converter Plus) (Version: 3.2 - audio2convert.com)
CrystalDiskInfo 7.0.3 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.0.3 - Crystal Dew World)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Google Chrome (HKLM\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP LaserJet Pro MFP M125-M126 (HKLM\...\{c65448bc-e467-4ec7-b4a5-246697f52957}) (Version: 8.0.14087.1054 - Hewlett-Packard)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.002.004 - Hewlett-Packard)
hpbDSService (HKLM\...\{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}) (Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM126DSService (HKLM\...\{9A0C3AE6-A6C3-46C4-95A5-E3745CCE3D57}) (Version: 001.001.08254 - Hewlett-Packard) Hidden
HPDXP (HKLM\...\{0BFDA228-F4D0-42C0-90B2-8C47F147AEB1}) (Version: 3.0.26.59 - HP) Hidden
HPLJDXPHelper (HKLM\...\{5E4DD8C2-A906-4F1B-94B6-4F6A51D625B2}) (Version: 060.048.005 - HP) Hidden
HPLJProMFPM125M126 (HKLM\...\{B2894225-82C7-4006-B243-6272589993B2}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (HKLM\...\{30DD7187-F392-4D83-8AED-D9A2DC64EF15}) (Version: 008.000.0001 - HP) Hidden
HPLJUTM125_126 (HKLM\...\{9E7CB788-5C1F-4A18-95AA-8F4B1618A80C}) (Version: 008.000.0001 - HP) Hidden
hppLaserJetService (HKLM\...\{178F0383-A2F1-427C-9881-6EACB8728C76}) (Version: 009.033.00905 - Hewlett-Packard) Hidden
hppM125LaserJetService (HKLM\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM\...\{6470E292-3B55-41DC-B5EB-91C34C5ACB5D}) (Version: 080.040.00171 - Hewlett Packard) Hidden
hpStatusAlertsM125-M126 (HKLM\...\{581A9CCB-1AD7-4BB4-A698-590305F773FB}) (Version: 080.046.00113 - Hewlett-Packard) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LibreOffice 4.1.1.2 (HKLM\...\{F1EE568A-171F-4C06-9BE6-2395BED067A3}) (Version: 4.1.1.2 - The Document Foundation)
LJDXPHelperUI (HKLM\...\{EAECD0D7-F27D-4F13-8312-A9C0B5C5F1B7}) (Version: 060.048.005 - HP) Hidden
Logitech Vid HD (HKLM\...\Logitech Vid) (Version: 7.2 (7259) - Logitech Inc..)
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Mesh Runtime (HKLM\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM\...\{B44F3823-52DD-45CA-A916-8B320778715D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 15.0.4981.1001 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 57.0 (x86 cs) (HKLM\...\Mozilla Firefox 57.0 (x86 cs)) (Version: 57.0 - Mozilla)
MULTIFlight (HKLM\...\MULTIFlight) (Version: - Multiplex Modellsport GmbH & Co.KG)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Office 15 Click-to-Run Extensibility Component (HKLM\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4981.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-007E-0000-0000-0000000FF1CE}) (Version: 15.0.4981.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM\...\{90150000-008C-0405-0000-0000000FF1CE}) (Version: 15.0.4981.1001 - Microsoft Corporation) Hidden
OpenOffice 4.1.2 (HKLM\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Architect (HKLM\...\{80A07844-CA64-4DE4-AB61-D37DDBE8074F}) (Version: 1.0.52.8917 - pdfforge)
PdfConvertor (HKLM\...\PdfConvertor_is1) (Version: - XSoft)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.2 - pdfforge)
Příručka pro síť EPSON XP-202 203 206 Series (HKLM\...\EPSON XP-202 203 206 Series Netg) (Version: - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6410 - Realtek Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\SeznamInstall) (Version: 2.1.15 - Seznam.cz)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sonic Foundry ACID Pro 3.0 (HKLM\...\{F07C83EA-CF0C-44B4-9F1E-C3CD82EBA538}) (Version: 3.0.189 - Sonic Foundry)
Sonic Foundry ACID Pro 3.0 Crack (HKLM\...\Sonic Foundry ACID Pro 3.0 Crack) (Version: - )
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Steinberg Cubase VST32 (HKLM\...\Steinberg Cubase VST32) (Version: - )
SUPER © v2012.build.51 (April 7, 2012) verze v2012.build.51 (HKLM\...\{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1) (Version: v2012.build.51 - eRightSoft)
SUPER © v2013.build.59+Recorder (2013/12/18) verze v2013.build. (HKLM\...\{8E2A18E2-96AF-4DF9-8459-5C06B75139A4}_is1) (Version: v2013.build.59+Recorder - eRightSoft)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TomTom MyDrive Connect 4.1.6.3253 (HKLM\...\MyDriveConnect) (Version: 4.1.6.3253 - TomTom)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DA}) (Version: 17.5.10480 - WinZip Computing, S.L. )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-726496295-2317986126-1619368687-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Libor\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726496295-2317986126-1619368687-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Libor\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726496295-2317986126-1619368687-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Libor\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726496295-2317986126-1619368687-1000_Classes\CLSID\{D4492C8D-967E-0F91-5BF1-57D6197E1208}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726496295-2317986126-1619368687-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Libor\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726496295-2317986126-1619368687-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Libor\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\FileSyncApi.dll (Microsoft Corporation)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1: [PDFArchitectExtension] -> {DBDB3433-0E01-40CE-A026-D9F54FAC3CA9} => C:\Program Files\PDF Architect\ContextMenuExt.dll [2013-01-09] (pdfforge GbR)
ContextMenuHandlers1: [TVCShellExt] -> {4E33A7F5-8083-4C08-9D45-C5CED88F5C04} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2013-06-06] (WinZip Computing, S.L.)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2013-06-06] (WinZip Computing, S.L.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-07-29] (Intel Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2013-06-06] (WinZip Computing, S.L.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {30A681F2-248E-4AEC-97DE-B44C94467DD9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd)
Task: {59EB5E1C-CD37-46D3-9710-1D5A71602C8E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2017-09-05] (Microsoft Corporation)
Task: {705AF9D9-D328-4EF8-AD3D-B3532AFB78FF} - System32\Tasks\{96567AE1-679E-4B32-AB18-866DD4813B74} => C:\Program Files\Mozilla Firefox\firefox.exe
Task: {833455CE-557E-41F7-AFDD-3D7558D2ABAD} - System32\Tasks\HPLJCustParticipation => C:\Program Files\HP\HPLJUT\HPLJUTSCH.exe [2013-01-28] (Hewlett Packard)
Task: {9F2A5820-A83A-495E-987D-9EF66D8EF7B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {B67764DD-9976-47F3-9BDB-635E3F92AC2D} - System32\Tasks\{C81A586E-6EC6-4539-9F39-8981804DCB3B} => C:\Windows\system32\pcalua.exe -a C:\Users\Libor\Downloads\jxpiinstall(1).exe -d C:\Users\Libor\Downloads
Task: {C14761E8-0D9D-441D-804A-009704C9FFFE} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2017-09-05] (Microsoft Corporation)
Task: {C9E2AC7B-F936-4963-A1AE-83BF2248170B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {E62981C1-CD02-4AB3-A1AB-83D90DD94A1B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2017-09-05] (Microsoft Corporation)
Task: {F333B598-D2FD-4551-BEA8-6F17A3FDB198} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-14] (Adobe Systems Incorporated)
Task: {F5103B7A-60DA-4F57-B276-4894FE67DC02} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2014-03-19 08:39 - 2017-01-17 02:17 - 000090304 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll
2009-10-14 13:36 - 2009-10-14 13:36 - 002793304 _____ () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
2014-04-14 20:41 - 2014-04-14 20:41 - 000039192 _____ () C:\Program Files\CCleaner\branding.dll
2016-08-26 19:25 - 2016-08-26 19:25 - 000061440 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2009-10-14 13:34 - 2009-10-14 13:34 - 000560472 _____ () C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
2017-12-12 06:53 - 2017-12-06 04:48 - 003062104 _____ () C:\Program Files\Google\Chrome\Application\63.0.3239.84\libglesv2.dll
2017-12-12 06:53 - 2017-12-06 04:48 - 000085848 _____ () C:\Program Files\Google\Chrome\Application\63.0.3239.84\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2016-10-12 21:51 - 000000050 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Libor\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 185.18.30.142 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{50774DFC-4F60-4DC9-A5CF-E81B6724719C}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{9EAD24A6-93E5-4406-B7D5-744567CD16CC}] => (Allow) LPort=2869
FirewallRules: [{5E8B0702-07AB-4AF2-AFF8-ABE0B581BF0F}] => (Allow) LPort=1900
FirewallRules: [{F9ACF031-C9A1-4F9D-B0C8-8AF3132EE8E1}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{A0242DB3-05A2-43A6-9035-CFA63EDC7BC9}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [{D9D8ED57-C490-44A7-9463-49C34BC364E4}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{37CD3B0F-7629-4BDF-8A4E-D4D1F4C33296}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{9C7128CC-F83B-44B3-BEA6-C6CDC157B698}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{274897D9-567F-4FC2-970A-F13A72E8977D}] => (Allow) C:\Users\Libor\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [TCP Query User{831B9F3F-AA85-4555-86E2-B0045E4544DE}C:\program files\libreoffice 4\program\soffice.bin] => (Allow) C:\program files\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{479B7019-74B2-42F6-8BBE-DA8931F95C58}C:\program files\libreoffice 4\program\soffice.bin] => (Allow) C:\program files\libreoffice 4\program\soffice.bin
FirewallRules: [{2D15419A-59D9-4674-BB9E-1C16AC5E5E28}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{523603F9-F2EF-4B10-A723-E4FA0C0367D9}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{B99D817B-9599-4544-88B9-042BA100EDCE}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{4A8527CB-18DB-4B66-AE2A-8A9FB621F9A2}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{47B30FE5-392A-44FC-86B1-35EB737866DA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{00A70864-D01C-4DA2-A43C-5247E417317E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1DD47B50-5904-4A87-AFF7-5BA3AEC8F641}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9348A714-F1AC-4DCA-8464-C5040A26261E}] => (Allow) C:\HP_LaserJet_Pro_MFP_M125-M126\Installer\hpbcsiInstaller.exe
FirewallRules: [{1B9CE597-2BAA-4239-A4C1-B5B6509DD6CB}] => (Allow) C:\HP_LaserJet_Pro_MFP_M125-M126\Installer\hpbcsiInstaller.exe
FirewallRules: [{5A11DBE9-5644-4805-A22E-B1EE301F89C6}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M125-M126\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{A1C04533-D79C-4022-8A2F-419EFA155E3F}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M125-M126\bin\EWSProxy.exe
FirewallRules: [{384AC947-EB8A-4873-B16F-625D0FD05D28}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{69811F97-B839-45C5-B767-813D74A280AC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3D63B119-B932-4A4F-9974-771FC6F4049B}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe
FirewallRules: [{3A88BE42-F411-4C69-8941-0B5BED50CAA4}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe
FirewallRules: [{3F54FDBB-CBA1-4EC2-A957-59BF82D942D3}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe
FirewallRules: [{43FD0BD6-F7BF-4D95-891A-F820EEC87FB5}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe
FirewallRules: [{56008E3A-F250-4410-8107-4195DA959878}] => (Allow) C:\Program Files\MyDrive Connect\TomTom MyDrive Connect.exe
FirewallRules: [{E0B70BBC-5108-4A29-93BD-15959D59485B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
07-12-2017 23:27:29 Windows Update
11-12-2017 07:49:25 Windows Update
13-12-2017 09:34:39 Windows Update
17-12-2017 09:35:15 Windows Update
21-12-2017 08:18:46 Windows Update
25-12-2017 08:12:56 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/26/2017 08:31:23 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program HPStatusAlerts.exe verze 70.40.169.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: ee0
Čas spuštění: 01d37e14fb6d7765
Čas ukončení: 44
Cesta k aplikaci: C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe
ID hlášení: c2b8cabc-ea0e-11e7-8fe6-5404a6627f89
Error: (12/26/2017 07:57:54 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/26/2017 07:44:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/25/2017 05:35:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/25/2017 09:19:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/25/2017 08:11:43 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/25/2017 08:01:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/24/2017 09:56:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/24/2017 05:21:11 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/24/2017 05:11:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
Error: (12/26/2017 08:31:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP LaserJet Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/19/2017 10:38:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (12/19/2017 10:38:28 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-1073473535, specifickou pro službu.
Error: (12/17/2017 12:22:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/17/2017 09:40:28 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.259.429.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Fáze aktualizace: Vyhledat
Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14405.2
Kód chyby: 0x80072ee2
Popis chyby: Operace nebyla v požadované době dokončena.
Error: (12/17/2017 09:40:28 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.259.429.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Fáze aktualizace: Vyhledat
Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14405.2
Kód chyby: 0x80072ee2
Popis chyby: Operace nebyla v požadované době dokončena.
Error: (12/17/2017 09:24:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/17/2017 09:24:27 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Search bylo dosaženo časového limitu (30000 ms).
Error: (12/17/2017 09:24:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/17/2017 09:24:17 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Search bylo dosaženo časového limitu (30000 ms).
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) CPU E3400 @ 2.60GHz
Percentage of memory in use: 60%
Total physical RAM: 2013.12 MB
Available physical RAM: 791.29 MB
Total Virtual: 4026.23 MB
Available Virtual: 2510.67 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:457.94 GB) (Free:182.64 GB) NTFS ==>[drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 6197B7D3)
Partition 1: (Active) - (Size=457.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=7.8 GB) - (Type=27)
==================== End of Addition.txt ============================
