kontrola logu - pomalý notebook a internet. odpojuje se wifi
Napsal: 03 zář 2018 20:47
ahoj. prosím o kontrolu logu. mám 4 roky nainstalovaný system a nyní je velmi pomalé prohlížení internetu a wifi síť s ečasto odpojuje nebo nejde připojit vůbec.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.09.2018 03
Ran by Ondřej (administrator) on ONDRA (03-09-2018 21:17:01)
Running from C:\Users\Ondřej\Downloads
Loaded Profiles: Ondřej (Available Profiles: Ondřej)
Platform: Windows 10 Home Version 1709 16299.547 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.10325.20118\OfficeClickToRun.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\Install\{43841360-58F8-4300-A18E-1A9E71502358}\68.0.3440.106_chrome_installer.exe
(Google Inc.) C:\Windows\Temp\CR_1D923.tmp\setup.exe
(Google Inc.) C:\Windows\Temp\CR_1D923.tmp\setup.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Wargaming.net) C:\Games\World_of_Tanks\WargamingGameUpdater.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Adobe Systems Incorporated) C:\Users\Ondřej\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\flashplayer30au_ha_install.exe
(Adobe Systems Incorporated) C:\Users\Ondřej\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\flashplayer30au_ha_install.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8725248 2017-04-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2017-04-07] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-08-21] (AVAST Software)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (HP Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2562165561-2641732231-254196661-1001\...\Run: [cz.seznam.software.autoupdate] => "C:\Users\Ondřej\AppData\Roaming\Seznam.cz\szninstall.exe" -c
HKU\S-1-5-21-2562165561-2641732231-254196661-1001\...\Run: [cz.seznam.software.szndesktop] => "C:\Users\Ondřej\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
HKU\S-1-5-21-2562165561-2641732231-254196661-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25638872 2018-04-23] (Google)
HKU\S-1-5-21-2562165561-2641732231-254196661-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1217808 2009-09-14] (Valve Corporation)
HKU\S-1-5-21-2562165561-2641732231-254196661-1001\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk [2014-12-16]
ShortcutTarget: GamePark klient 2.lnk -> C:\Program Files\GamePark2\gpcl.exe (Allstar Group, s.r.o.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{12905df0-75d7-4ef7-9a0d-f24a393ac472}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{33a0473d-74e1-4774-9ad5-b92b295f208c}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1417770187&from=cvs&uid=ST500LT012-1DG142_S3PCQ85D&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1434698 ... 2_S3PCQ85D
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1417770187&from=cvs&uid=ST500LT012-1DG142_S3PCQ85D&q={searchTerms}
HKU\S-1-5-21-2562165561-2641732231-254196661-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2562165561-2641732231-254196661-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1417770187&from=cvs&uid=ST500LT012-1DG142_S3PCQ85D&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1417770187&from=cvs&uid=ST500LT012-1DG142_S3PCQ85D&q={searchTerms}
SearchScopes: HKLM -> {AA01AFE9-E886-40EE-BA3D-ADEB15260B58} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1434698273&z=737ceb2b0fb3b04812d4670gdzec4z1q7tab9obw7b&from=ient06182&uid=ST500LT012-1DG142_S3PCQ85D&q={searchTerms}
SearchScopes: HKLM-x32 -> {AA01AFE9-E886-40EE-BA3D-ADEB15260B58} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-2562165561-2641732231-254196661-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2562165561-2641732231-254196661-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-07-31] (Microsoft Corporation)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-04-30] (Microsoft Corporation)
BHO-x32: No Name -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> No File
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-31] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-31] (Microsoft Corporation)
Edge:
======
Edge Extension: (AutoFormFill) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [2017-09-29]
Edge Extension: (LearningTools) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [2018-03-18]
FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-09-03] ()
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-09-03] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-03-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-04] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.seznam.cz/?clid=22668
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR DefaultSearchURL: Default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Profile: C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default [2018-09-03]
CHR Extension: (Prezentace) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-20]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-05-06]
CHR Extension: (YouTube) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-19]
CHR Extension: (Vyhledávání Google) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-20]
CHR Extension: (Tabulky) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-03]
CHR Extension: (Avast Online Security) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-05-09]
CHR Extension: (Gmail) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-21]
CHR Extension: (Chrome Media Router) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-05]
CHR HKU\S-1-5-21-2562165561-2641732231-254196661-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2562165561-2641732231-254196661-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2562165561-2641732231-254196661-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2562165561-2641732231-254196661-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-08-21] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-21] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8853984 2018-08-09] (Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-24] (HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (HP Inc.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2014-12-16] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [214520 2017-01-05] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2017-04-07] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\NisSrv.exe [356176 2017-12-13] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MsMpEng.exe [105792 2017-12-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [197160 2018-08-21] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229392 2018-08-21] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201328 2018-08-21] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-08-21] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59592 2018-08-21] (AVAST Software)
S3 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-08-21] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239680 2018-08-21] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2018-08-21] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159640 2018-08-21] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111872 2018-08-21] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-08-21] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027728 2018-08-21] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467064 2018-08-21] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [211160 2018-08-21] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381584 2018-08-21] (AVAST Software)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [100624 2015-06-08] (CyberLink)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [29464 2014-01-23] (Intel Corporation)
R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2017-09-29] (MediaTek Inc.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [29936 2013-12-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2017-12-13] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [288848 2017-12-13] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2017-12-13] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys [34960 2018-02-02] (HP)
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-03 21:22 - 2018-09-03 21:22 - 000002566 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-09-03 21:22 - 2018-09-03 21:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2018-09-03 21:21 - 2018-09-03 21:22 - 007566544 _____ (Malwarebytes) C:\Users\Ondřej\Downloads\adwcleaner_7.2.3.exe
2018-09-03 21:17 - 2018-09-03 21:20 - 000025044 _____ C:\Users\Ondřej\Downloads\FRST.txt
2018-09-03 21:13 - 2018-09-03 21:17 - 000000000 ____D C:\FRST
2018-09-03 21:08 - 2018-09-03 21:09 - 002413056 _____ (Farbar) C:\Users\Ondřej\Downloads\FRST64.exe
2018-09-03 20:55 - 2018-09-03 20:55 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2018-08-23 17:55 - 2018-08-23 18:11 - 000000000 ____D C:\Users\Ondřej\AppData\Local\AVAST Software
2018-08-23 17:55 - 2018-08-23 17:55 - 000002016 _____ C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Avast Passwords.lnk
2018-08-23 17:55 - 2018-08-23 17:55 - 000001992 _____ C:\Users\Ondřej\Desktop\Avast Passwords.lnk
2018-08-23 17:54 - 2018-08-23 18:11 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump
2018-08-21 11:30 - 2018-08-21 11:29 - 000378072 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-08-21 11:30 - 2018-08-21 11:29 - 000015360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2018-08-08 21:29 - 2018-08-08 21:29 - 000000000 ____D C:\Windows.old
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-03 21:26 - 2017-09-29 15:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-09-03 21:25 - 2014-12-01 20:49 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Adobe
2018-09-03 21:22 - 2017-11-07 20:14 - 000002560 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-09-03 21:22 - 2017-11-07 20:14 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-09-03 21:22 - 2017-11-07 20:14 - 000002532 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-09-03 21:22 - 2017-11-07 20:14 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2018-09-03 21:22 - 2017-11-07 20:14 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-09-03 21:22 - 2017-11-07 20:14 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-09-03 21:22 - 2017-11-07 20:14 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-09-03 21:20 - 2017-12-13 19:08 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-09-03 21:19 - 2014-05-03 21:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-09-03 21:17 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-09-03 21:16 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-09-03 21:02 - 2018-03-13 22:05 - 000004636 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-09-03 21:02 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-09-03 21:02 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-09-03 20:57 - 2017-10-01 18:55 - 000000000 ____D C:\Program Files\rempl
2018-09-03 20:55 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-09-03 20:52 - 2018-01-06 20:12 - 000000000 ____D C:\Program Files (x86)\Steam
2018-09-03 20:52 - 2014-11-27 18:32 - 000000000 ____D C:\Users\Ondřej\Documents\Youcam
2018-09-03 20:45 - 2016-05-30 09:58 - 000000000 __SHD C:\Users\Ondřej\IntelGraphicsProfiles
2018-09-03 20:43 - 2017-12-08 17:05 - 000000000 ____D C:\Users\Ondřej
2018-09-03 20:35 - 2017-12-08 18:31 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2562165561-2641732231-254196661-1001
2018-09-03 20:35 - 2016-05-30 10:30 - 000002433 _____ C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-09-03 20:35 - 2014-11-27 18:34 - 000000000 __RDO C:\Users\Ondřej\OneDrive
2018-09-03 20:33 - 2017-12-08 18:31 - 000004192 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F2FCDC34-3331-4502-BE97-952B1E63B756}
2018-09-03 20:24 - 2017-12-08 16:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-09-03 20:07 - 2017-12-08 18:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-09-03 20:06 - 2017-09-29 10:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-09-03 20:02 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-08-23 18:42 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-08-23 18:34 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-08-23 17:49 - 2018-07-29 11:18 - 000000348 _____ C:\WINDOWS\Tasks\HPCeeScheduleForOndřej.job
2018-08-21 11:32 - 2014-12-08 20:31 - 000467064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-08-21 11:30 - 2017-09-29 15:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-08-21 11:29 - 2017-12-13 19:06 - 000197160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-08-21 11:29 - 2014-12-08 20:31 - 000381584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-08-21 11:29 - 2014-12-08 20:31 - 000211160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-08-21 11:29 - 2014-12-08 20:31 - 000159640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-08-21 11:29 - 2014-12-08 20:31 - 000111872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-08-21 11:29 - 2014-12-08 20:31 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-08-21 11:29 - 2014-12-08 20:31 - 000046976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-08-21 11:28 - 2018-01-05 17:48 - 000239680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-08-21 11:28 - 2017-12-13 19:06 - 000346664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-08-21 11:28 - 2017-12-13 19:06 - 000229392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-08-21 11:28 - 2017-12-13 19:06 - 000201328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-08-21 11:28 - 2017-12-13 19:06 - 000059592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-08-21 11:28 - 2014-12-08 20:31 - 001027728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-08-20 17:18 - 2018-07-29 11:18 - 000003244 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForOndřej
2018-08-08 23:27 - 2018-04-12 18:55 - 000000000 ___HD C:\$WINDOWS.~BT
2018-08-08 23:24 - 2017-11-30 14:42 - 000000000 ___DC C:\WINDOWS\Panther
2018-08-05 16:27 - 2018-08-01 21:05 - 000000000 ___HD C:\$SysReset
==================== Files in the root of some directories =======
2017-04-12 23:22 - 2017-04-12 23:22 - 007639040 _____ () C:\Program Files (x86)\GUT3A6A.tmp
2007-04-04 20:21 - 2007-04-04 20:21 - 001723904 _____ () C:\Program Files (x86)\Microsoft_DirectX_SDK.msi
2007-04-04 19:53 - 2007-04-04 19:53 - 000079208 _____ (Microsoft Corporation) C:\Program Files (x86)\Setup.exe
Some files in TEMP:
====================
2018-08-01 20:38 - 2018-08-01 20:38 - 000534528 _____ () C:\Users\Ondřej\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-08-08 23:33
==================== End of FRST.txt ============================
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03
Ran by Ondřej (03-09-2018 21:29:07)
Running from C:\Users\Ondřej\Downloads
Windows 10 Home Version 1709 16299.547 (X64) (2017-12-09 15:44:08)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2562165561-2641732231-254196661-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2562165561-2641732231-254196661-503 - Limited - Disabled)
Guest (S-1-5-21-2562165561-2641732231-254196661-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2562165561-2641732231-254196661-1003 - Limited - Enabled)
Ondřej (S-1-5-21-2562165561-2641732231-254196661-1001 - Administrator - Enabled) => C:\Users\Ondřej
WDAGUtilityAccount (S-1-5-21-2562165561-2641732231-254196661-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty(R) 2 (HKLM-x32\...\{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.3 - Activision)
Call of Duty(R) 2 Patch 1.3 (HKLM-x32\...\{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}) (Version: 1.3 - ) Hidden
Call of Duty(R) 2 Patch 1.3 (HKLM-x32\...\{C13E90B0-4E1C-11DB-6784-0152EAA218BE}) (Version: 1.3 - Activision)
CoD 2 čeština (HKLM-x32\...\CoD 2 čeština_is1) (Version: - #'Pan[S]al!er!)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.9.4928 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.10.5422 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Deer Hunter - The 2005 Season Demo (HKLM-x32\...\Deer Hunter 2005 Demo_is1) (Version: - Atari, Inc.)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
DriverDoc (HKLM-x32\...\{4D0A0750-B034-4DF8-97DE-26F1212AC2FF}) (Version: 1.3.2 - Solvusoft Corporation) Hidden
DriverDoc (HKLM-x32\...\DriverDoc) (Version: 1.3.2 - Solvusoft Corporation)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Express Courier Beta verze 0.3.6 (HKLM-x32\...\{56224C24-4579-4A63-80E2-18284A0990F7}_is1) (Version: 0.3.6 - Simopt, s.r.o.)
Fotogaléria (HKLM-x32\...\{08466673-3905-4437-93E8-34A221B7CA4E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free Online TV (HKLM-x32\...\Free Online TV_is1) (Version: 1 - NETGATE Technologies s.r.o.)
GamePark klient 2.0.9.0 (HKLM\...\{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1) (Version: 2.0.9.0 - GamePark)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{F29E3AA8-CF19-4452-92B7-F1FE31CD11C5}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7372.4698 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.6.18.11 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{79CA8D8A-8371-4146-8920-C1405318E65E}) (Version: 12.9.24.3 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{025C1573-2F1D-46AF-BAB8-594EBF56A889}) (Version: 1.4.11 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Utility Center (HKLM\...\{891A1782-8B20-4403-8383-458962525926}) (Version: 2.3.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard Company)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
MediaHuman YouTube to MP3 Converter 3.9.8.24 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.9.8.24 - MediaHuman)
Mediatek Bluetooth (HKLM\...\{16BCAEDC-C115-1729-07C4-7A0091C699A6}) (Version: 11.0.749.0 - Mediatek)
Microsoft Office 2010 pro studenty a domácnosti (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.10325.20118 - Microsoft Corporation)
Microsoft Office Basic Edition 2003 (HKLM-x32\...\{91130405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2562165561-2641732231-254196661-1001\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{379A0618-EF50-423C-9637-EEB2D25A4BB4}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{3C5F91EF-5C0B-4D13-BCBE-0FC6FC3ED7F9}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{CFBFE244-6269-41DC-85B6-86F99C88ED02}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{54194F60-988C-4D03-B922-C2B00EFDA39A}) (Version: 9.10.0222 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{C560D6E7-E40A-435D-8B71-62CBCF1701B2}) (Version: 4.11.9775 - Apache Software Foundation)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.50.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29082 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.35.716.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7634 - Realtek Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-2562165561-2641732231-254196661-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{A6F2ADC4-12C4-41E8-B90B-3BE018F5787C}) (Version: 2.48.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
World of Tanks (HKU\S-1-5-21-2562165561-2641732231-254196661-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2562165561-2641732231-254196661-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => No File
CustomCLSID: HKU\S-1-5-21-2562165561-2641732231-254196661-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-21] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-21] (AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-21] (AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-01-15] (Cyberlink)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-01-15] (Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-21] (AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-21] (AVAST Software)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03A3AB45-C7B7-43B0-B015-59F3A7B58BDE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {04032CC2-179D-4C95-BB7D-A01B248E03E3} - System32\Tasks\adf9ec37-1363-4db4-8a24-aa0164210f70-4 => C:\Program Files (x86)\Internet Speed Checker\adf9ec37-1363-4db4-8a24-aa0164210f70-4.exe <==== ATTENTION
Task: {0A183497-113D-4D74-81E4-9BCF74AC41BC} - System32\Tasks\avastBCLRestart_chrome.exe => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {0B98DE56-2389-498C-9DC8-B34673111A96} - System32\Tasks\avastBCLRestartS-1-5-21-2562165561-2641732231-254196661-1001 => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {15A41C6E-937C-491A-9BDD-037813A87956} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {193D9995-B9DB-4E5B-9374-D79623CC014C} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {2717ABF9-7657-408B-A249-C8E06BFD263C} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2017-08-18] (Synaptics Incorporated)
Task: {32A059CF-2CD8-4012-B33F-D63B298A1CFC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3C540EE8-7FEC-40AF-B6E8-A9F735C7DAA2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-09-03] (Adobe Systems Incorporated)
Task: {42B82822-D367-41AC-9A46-4782FAB3EC1C} - \WPD\SqmUpload_S-1-5-21-2562165561-2641732231-254196661-1001 -> No File <==== ATTENTION
Task: {4A3873F2-0932-4199-860E-0EF8C576501A} - System32\Tasks\{486F8833-29E9-4DF8-B41B-685C6040C4CD} => C:\Windows\system32\pcalua.exe -a "C:\Users\Ondřej\Desktop\Mafia 1\Mafia 1 ľ Plna Verze Hry ľ CZ\Uninstall\setup.exe" -d "C:\Users\Ondřej\Desktop\Mafia 1\Mafia 1 ľ Plna Verze Hry ľ CZ\Uninstall"
Task: {4D5C4DCD-A890-4BAC-B7AC-8351C85831C8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4E277E5A-D5C4-4C49-B56A-83D3D1ABE959} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {4EFD9B5F-2CFE-4747-B925-2D46C129F64F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {554226CC-AFC1-48B9-B34E-54CA155B94E7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {5A8272B2-0003-4A7F-A07B-57EF12606EF4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {5CE5FC80-7FFF-4591-8589-522418B96832} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2018-07-12] (Microsoft Corporation)
Task: {6529D049-7CF9-49BC-A893-32D0E688CE9C} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {66344809-754D-45D7-8E26-AF2B643EA665} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-09-03] (Microsoft Corporation)
Task: {711CA8E2-0688-4C4F-9E9D-82189043EE9F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-09-03] (Microsoft Corporation)
Task: {79F5F241-E6A0-4029-9156-C812763FE724} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-03-07] (CyberLink Corp.)
Task: {80F5334E-F7C6-4600-88A8-6D35D88A1110} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {80FCA74E-8427-4A4E-8AF2-BE20BEDD3CB4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {813CB8E0-9CCD-412B-BF52-6C458541748E} - System32\Tasks\{B61BEC5A-3F88-4D0D-988D-CE0AD2CD8555} => C:\Windows\system32\pcalua.exe -a "C:\Users\Ondřej\Desktop\Mafia 1\Mafia 1 ľ Plna Verze Hry ľ CZ\Setup.exe" -d "C:\Users\Ondřej\Desktop\Mafia 1\Mafia 1 ľ Plna Verze Hry ľ CZ"
Task: {83E4A6A3-B56D-49FF-833A-D09D4DBC7AB0} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-03] (Microsoft Corporation)
Task: {84850533-DB9E-4D23-8994-65B7C507227D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-09] (Microsoft Corporation)
Task: {87949786-64DA-4E6D-8DF0-5EABB07437BC} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask => C:\WINDOWS\System32\GWX\GWXUXWorker.exe
Task: {881AAD3F-DB78-4E41-9E21-8EA881E72E14} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {90E14AAF-876D-4985-8E0D-360F5F40DD08} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {93E7E05B-F250-40FD-ADD7-A5A80F31DCF5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {94EEE6FC-BFF6-4662-BF6E-D6179F309720} - System32\Tasks\{F8816750-E235-4387-BA99-C652D06A69CF} => C:\Windows\system32\pcalua.exe -a C:\Users\Ondřej\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=cvs <==== ATTENTION
Task: {9882A9EB-E50C-43FC-9259-5739246DF708} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {9C9E1210-B476-45DE-86D0-1C0C7856CEAC} - System32\Tasks\{BD11348D-7066-47C9-A9EC-1675A93DDB8F} => C:\Windows\system32\pcalua.exe -a "C:\Users\Ondřej\Desktop\call of duty 2 cz\DirectX\dxsetup.exe" -d "C:\Users\Ondřej\Desktop\call of duty 2 cz\DirectX"
Task: {A12D9849-E39D-475D-9EA3-1B5965B253F3} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {A54CF1A5-0EE2-44DE-85FE-36C735BC38EB} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A60FCABD-B94E-48EA-BE63-7B875AD14DC1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-09] (Microsoft Corporation)
Task: {A70BF27C-99F3-4FFB-A619-900E93944AB7} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {B02271AA-C9B5-4C63-BA93-D249BF0A0A4E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {BE73127D-EB1F-4A6A-BAD2-A45E28106C68} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-09-03] (AVAST Software)
Task: {C3652607-82B5-42A5-A715-41A4D6364C7C} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-24] ()
Task: {C4274DA5-64BA-4E9C-AB50-D987C6813232} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-06-27] (HP Inc.)
Task: {C74F372A-0EF1-4596-9016-F4B5278D62D1} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-09-03] (Adobe Systems Incorporated)
Task: {D74D1EDC-A561-4066-B9A5-425C970C8DE2} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-06-05] (AVAST Software)
Task: {DCB08EA6-A487-4F0A-A078-FB23C2295DBA} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {DCB699EF-47E4-4C33-9F00-4412F316256E} - System32\Tasks\HPCeeScheduleForOndřej => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {E057B32C-5C1C-49FA-BFB7-4A6867BBC678} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E1AA7217-5B95-4191-A233-45C2B12FAB74} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {E1F10D4A-FF66-4661-B3BF-8C8B5587EED9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-09-03] (Microsoft Corporation)
Task: {E1FBA659-8C46-4D78-821E-7E5E47723A54} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {E20A914B-20E6-4F00-888A-30C3B09559CA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-03] (Microsoft Corporation)
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\adf9ec37-1363-4db4-8a24-aa0164210f70-4" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\Adobe Flash Player Updater" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CLVDLauncher" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\CreateChoiceProcessTask" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\HPCeeScheduleForOndřej" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\LaunchSignup" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-2562165561-2641732231-254196661-1001" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\Optimize Start Menu Cache Files-S-1-5-21-2562165561-2641732231-254196661-500" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\Synaptics TouchPad Enhancements" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{F2FCDC34-3331-4502-BE97-952B1E63B756}" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\YCMServiceAgent" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\{486F8833-29E9-4DF8-B41B-685C6040C4CD}" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\{B61BEC5A-3F88-4D0D-988D-CE0AD2CD8555}" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\{BD11348D-7066-47C9-A9EC-1675A93DDB8F}" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\{F8816750-E235-4387-BA99-C652D06A69CF}" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {EDA39620-D012-4755-880F-CC99DF1F7993} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F0381889-80F6-4305-9D40-F74F833022E5} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2015-06-22] (CyberLink Corp.)
Task: {F525E7BA-245C-4C6D-99D6-AB8E19C74691} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {F5D49BA2-D070-44E0-9404-F83D37758831} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {F9C706F7-71B1-4935-AA3F-467A549C140F} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-09-03] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\adf9ec37-1363-4db4-8a24-aa0164210f70-4.job => C:\Program Files (x86)\Internet Speed Checker\adf9ec37-1363-4db4-8a24-aa0164210f70-4.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\HPCeeScheduleForOndřej.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2014-12-16 21:00 - 2014-12-16 21:00 - 000075064 ____N () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-16 21:00 - 2017-01-05 21:23 - 000214520 ____N () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-07-12 19:30 - 2018-06-13 23:09 - 002988032 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.PeoplePicker.dll
2017-09-29 15:41 - 2017-09-29 15:41 - 002459648 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.Relevance.dll
2017-09-29 15:41 - 2017-09-29 15:41 - 000484352 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-07-12 19:30 - 2018-06-29 10:00 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-07-12 19:30 - 2018-06-29 09:57 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-18 18:41 - 2018-07-18 18:45 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-07-18 18:41 - 2018-07-18 18:45 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-07-18 18:41 - 2018-07-18 18:45 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-07-18 18:41 - 2018-07-18 18:45 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
2018-07-18 18:41 - 2018-07-18 18:45 - 000653824 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-07-03 15:08 - 2018-06-22 21:15 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libglesv2.dll
2018-07-03 15:08 - 2018-06-22 21:15 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libegl.dll
2017-09-29 15:41 - 2017-09-29 15:41 - 000047616 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUITelemetry.dll
2018-07-12 19:30 - 2018-06-13 23:07 - 004173824 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll
2018-06-25 11:07 - 2018-06-08 08:01 - 003662336 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
2018-07-31 09:30 - 2018-07-31 10:21 - 000066048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2018-09-03 20:46 - 2018-09-03 20:46 - 000098816 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32api.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000110080 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\pywintypes27.dll
2018-09-03 20:46 - 2018-09-03 20:46 - 000364544 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\pythoncom27.dll
2018-09-03 20:46 - 2018-09-03 20:46 - 000320512 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32com.shell.shell.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000914432 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\_hashlib.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 001176576 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\wx._core_.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000806400 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\wx._gdi_.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000816128 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\wx._windows_.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 001067008 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\wx._controls_.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000733184 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\wx._misc_.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000682496 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\pysqlite2._sqlite.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000088064 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\_ctypes.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000686080 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\unicodedata.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000119808 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32file.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000108544 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32security.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000007168 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\hashobjs_ext.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000017920 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\thumbnails_ext.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000088064 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\usb_ext.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000012800 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\common.time34.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000018432 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32event.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000167936 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32gui.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000046080 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\_socket.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 001303552 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\_ssl.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000128512 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\_elementtree.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000127488 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\pyexpat.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000038912 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32inet.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000036864 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\_psutil_windows.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000525208 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\windows._lib_cacheinvalidation.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000011264 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32crypt.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000123392 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\wx._wizard.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000077312 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\wx._html2.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000027648 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\_multiprocessing.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000020480 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\_yappi.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000035840 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32process.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000078848 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\wx._animate.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000024064 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32pipe.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000010240 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\select.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000025600 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32pdh.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000017408 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32profile.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000022528 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32ts.pyd
2018-03-05 10:18 - 2018-03-05 10:18 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-08-21 11:29 - 2018-08-21 11:29 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-08-21 11:28 - 2018-08-21 11:28 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2003-07-15 07:52 - 2003-07-15 07:52 - 000027704 _____ () C:\Program Files (x86)\Microsoft Office\OFFICE11\MSODCW.DLL
2003-07-15 07:52 - 2003-07-15 07:52 - 000039992 _____ () C:\Program Files (x86)\Common Files\microsoft shared\DW\DWDCW20.DLL
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2018-08-20 16:46 - 000000825 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2562165561-2641732231-254196661-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ondřej\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\tapeta programu windows prohlížeč fotografií.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B7528DB0-481B-4B71-97CF-87B0C6A1856A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [UDP Query User{0B2AC7A5-7CCD-443E-92F2-99ED8109DA1E}C:\users\ondřej\desktop\call of duty - black ops\blackops (2).exe] => (Block) C:\users\ondřej\desktop\call of duty - black ops\blackops (2).exe
FirewallRules: [TCP Query User{C8916825-E87A-4D39-BDD5-6729BCA97BAC}C:\users\ondřej\desktop\call of duty - black ops\blackops (2).exe] => (Block) C:\users\ondřej\desktop\call of duty - black ops\blackops (2).exe
FirewallRules: [UDP Query User{1369023F-2F85-4F37-962D-C62038D2F88B}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Allow) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [TCP Query User{1C34436F-579A-447E-9B55-1535BFA1FC70}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Allow) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [{8307FDA0-6EC2-4559-BD5A-80B64ECA2F15}] => (Allow) C:\Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe
FirewallRules: [{E77FB7A3-ADE5-4DFC-9A95-0F389141263B}] => (Allow) C:\Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe
FirewallRules: [{410C16BC-B702-4E8C-8291-EB7DE83F0FEC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AC9E20BF-991A-47B6-99DA-FB8720C8F106}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5CA13096-AE9B-4167-82F6-26F14318452C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3A306298-FAC3-4BF5-A3AA-B4410B81DE10}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4F4EFFB1-10D2-40CE-91C8-6113D2720A3D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{88691956-ABC2-4B71-8F51-A1023FBD1697}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{D2BFDE14-E573-4194-81F8-327D05CB1A1B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{BFA8E751-1E96-4431-9380-2C5DB20B05D8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{07D613C9-102A-4CDB-800B-DB8E191967C5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{3D77B4C1-3857-4637-B381-F242222A6998}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{73E106F8-6517-46AA-A557-5D6C6452C09C}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{17D44C78-2D2E-4021-A60B-41AA13F6C102}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{1541C3A7-716F-4561-93CE-2674FC1BBDE6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6A9C50EC-6469-42AA-AF42-DF8FF4CDE74D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6B08247C-BDCA-4EF1-8D98-77FEA100D833}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4C8A9D64-01E4-4161-8515-0DC59274622B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D1361036-9FAC-42AB-8228-26D670AE114D}] => (Allow) LPort=1900
FirewallRules: [{59EDCD6C-3DAD-438B-969C-58BF47E23FBA}] => (Allow) LPort=2869
FirewallRules: [{14BBC30B-4772-4B9E-B35B-FE19F2AB909A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2AC9D0AB-2C4B-4C6E-8B78-89578E5AA3F1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{564DEDFB-2B70-456A-9951-9867C30E014C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{CBE4A36D-7B7D-448D-A827-400162F10D7F}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{34BC3136-6E76-478F-A410-ED9537DAAD3D}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{17F2A35C-DC69-4EB8-B7D4-149998BF11A6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{D2AB1C85-AB00-4A54-A7CA-C7306CE582BE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{D40DCAE4-28E0-4FD4-97DA-F3A6F9508030}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{FB33737F-183E-408A-86BC-E8FE9EBA6D1F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{6A50F561-749F-4D78-955E-6AF76300B7EC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{A2EF9A74-2829-4B42-9A1D-0FE5C852EE49}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{C85C7F83-6377-485F-A6C5-0F3583D832BB}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
==================== Restore Points =========================
08-08-2018 21:35:49 Windows Update
03-09-2018 20:52:47 Windows Update
03-09-2018 20:55:18 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/03/2018 09:28:11 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Aktualizaci {8B689F89-5E1C-4DA9-B2B1-7B3843275596} produktu Microsoft Office Professional 2007 nebylo možné nainstalovat. Kód chyby: 1642. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127
Error: (09/03/2018 09:27:58 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu WmiApRpl v knihovně DLL C:\WINDOWS\system32\wbem\wmiaprpl.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (09/03/2018 09:27:56 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (09/03/2018 09:27:56 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu MSDTC v knihovně DLL C:\WINDOWS\system32\msdtcuiu.DLL se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (09/03/2018 09:27:54 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu Lsa v knihovně DLL C:\Windows\System32\Secur32.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (09/03/2018 09:27:54 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu ESENT v knihovně DLL C:\WINDOWS\system32\esentprf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (09/03/2018 08:54:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (09/03/2018 08:43:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15656
System errors:
=============
Error: (09/03/2018 09:22:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/03/2018 09:06:29 PM) (Source: DCOM) (EventID: 10016) (User: ONDRA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Ondra\Ondřej (SID: S-1-5-21-2562165561-2641732231-254196661-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/03/2018 09:00:54 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/03/2018 08:57:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zjišťování interaktivních služeb byla ukončena s následující chybou:
Nesprávná funkce.
Error: (09/03/2018 08:57:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zjišťování interaktivních služeb byla ukončena s následující chybou:
Nesprávná funkce.
Error: (09/03/2018 08:57:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zjišťování interaktivních služeb byla ukončena s následující chybou:
Nesprávná funkce.
Error: (09/03/2018 08:57:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zjišťování interaktivních služeb byla ukončena s následující chybou:
Nesprávná funkce.
Error: (09/03/2018 08:57:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zjišťování interaktivních služeb byla ukončena s následující chybou:
Nesprávná funkce.
Windows Defender:
===================================
Date: 2017-12-13 15:24:33.676
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Misleading:Win32/Sofolview
ID: 240761
Závažnost: Vysoké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Program Files (x86)\Solvusoft\SuiteService.exe;process:_pid:3180,ProcessStart:131576479283872272;regkey:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS\\C:\Program Files (x86)\Solvusoft\SuiteService.exe;service:_Solvusoft Suite Service;shareddll:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS\\C:\Program Files (x86)\Solvusoft\SuiteService.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files (x86)\Solvusoft\SuiteService.exe
Verze podpisu: AV: 1.259.206.0, AS: 1.259.206.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14405.2, NIS: 2.1.14202.0
Date: 2017-12-13 15:22:18.027
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Misleading:Win32/Sofolview
ID: 240761
Závažnost: Vysoké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Program Files (x86)\Solvusoft\SuiteService.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClient.exe
Verze podpisu: AV: 1.259.206.0, AS: 1.259.206.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14405.2, NIS: 2.1.14202.0
Date: 2017-12-13 15:22:00.183
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Misleading:Win32/Sofolview
ID: 240761
Závažnost: Vysoké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe;regkey:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\CommonToolkitTray_Solvusoft;regkey:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS\\C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe;runkey:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\CommonToolkitTray_Solvusoft;shareddll:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS\\C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: Ondra\Ondřej
Název procesu: C:\Windows\SysWOW64\runonce.exe
Verze podpisu: AV: 1.259.206.0, AS: 1.259.206.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14405.2, NIS: 2.1.14202.0
Date: 2017-12-13 15:21:52.519
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Misleading:Win32/Sofolview
ID: 240761
Závažnost: Vysoké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Program Files (x86)\Solvusoft\SuiteService.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClient.exe
Verze podpisu: AV: 1.259.206.0, AS: 1.259.206.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14405.2, NIS: 2.1.14202.0
Date: 2017-12-13 15:15:33.248
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Misleading:Win32/Sofolview
ID: 240761
Závažnost: Vysoké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: Ondra\Ondřej
Název procesu: C:\Windows\SysWOW64\runonce.exe
Verze podpisu: AV: 1.259.206.0, AS: 1.259.206.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14405.2, NIS: 2.1.14202.0
Date: 2018-06-05 16:27:43.161
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.259.257.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14405.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.
Date: 2018-06-05 16:27:43.160
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 118.2.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Systém kontroly sítě
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 2.1.14202.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.
Date: 2018-06-05 16:27:43.120
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.259.257.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14405.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.
Date: 2018-06-05 16:27:43.119
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.259.257.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14405.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.
Date: 2018-06-05 16:27:43.118
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.259.257.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14405.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.
CodeIntegrity:
===================================
Date: 2018-09-03 21:29:12.427
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-03 21:29:12.420
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-03 21:28:45.398
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-03 21:28:45.389
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-03 21:28:35.356
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-03 21:28:35.349
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-03 21:28:33.334
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-03 21:28:33.329
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Percentage of memory in use: 76%
Total physical RAM: 3984.27 MB
Available physical RAM: 950.41 MB
Total Virtual: 6416.27 MB
Available Virtual: 2933.29 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:447.39 GB) (Free:133.87 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:16.44 GB) (Free:1.58 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{39cca1ee-f533-4ed8-b528-949863bc2cf9}\ (WINRE) (Fixed) (Total:0.63 GB) (Free:0.35 GB) NTFS
\\?\Volume{3bf443ea-3e87-4c31-9d37-a1c1f02ff2f0}\ () (Fixed) (Total:0.25 GB) (Free:0.14 GB) FAT32
\\?\Volume{217352a0-c3bf-4935-b4bb-72967679f681}\ () (Fixed) (Total:0.9 GB) (Free:0.34 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6724854A)
Partition: GPT.
==================== End of Addition.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.09.2018 03
Ran by Ondřej (administrator) on ONDRA (03-09-2018 21:17:01)
Running from C:\Users\Ondřej\Downloads
Loaded Profiles: Ondřej (Available Profiles: Ondřej)
Platform: Windows 10 Home Version 1709 16299.547 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.10325.20118\OfficeClickToRun.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\Install\{43841360-58F8-4300-A18E-1A9E71502358}\68.0.3440.106_chrome_installer.exe
(Google Inc.) C:\Windows\Temp\CR_1D923.tmp\setup.exe
(Google Inc.) C:\Windows\Temp\CR_1D923.tmp\setup.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Wargaming.net) C:\Games\World_of_Tanks\WargamingGameUpdater.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Adobe Systems Incorporated) C:\Users\Ondřej\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\flashplayer30au_ha_install.exe
(Adobe Systems Incorporated) C:\Users\Ondřej\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\flashplayer30au_ha_install.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8725248 2017-04-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2017-04-07] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-08-21] (AVAST Software)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (HP Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2562165561-2641732231-254196661-1001\...\Run: [cz.seznam.software.autoupdate] => "C:\Users\Ondřej\AppData\Roaming\Seznam.cz\szninstall.exe" -c
HKU\S-1-5-21-2562165561-2641732231-254196661-1001\...\Run: [cz.seznam.software.szndesktop] => "C:\Users\Ondřej\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
HKU\S-1-5-21-2562165561-2641732231-254196661-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25638872 2018-04-23] (Google)
HKU\S-1-5-21-2562165561-2641732231-254196661-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1217808 2009-09-14] (Valve Corporation)
HKU\S-1-5-21-2562165561-2641732231-254196661-1001\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk [2014-12-16]
ShortcutTarget: GamePark klient 2.lnk -> C:\Program Files\GamePark2\gpcl.exe (Allstar Group, s.r.o.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{12905df0-75d7-4ef7-9a0d-f24a393ac472}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{33a0473d-74e1-4774-9ad5-b92b295f208c}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1417770187&from=cvs&uid=ST500LT012-1DG142_S3PCQ85D&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1434698 ... 2_S3PCQ85D
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1417770187&from=cvs&uid=ST500LT012-1DG142_S3PCQ85D&q={searchTerms}
HKU\S-1-5-21-2562165561-2641732231-254196661-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2562165561-2641732231-254196661-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1417770187&from=cvs&uid=ST500LT012-1DG142_S3PCQ85D&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1417770187&from=cvs&uid=ST500LT012-1DG142_S3PCQ85D&q={searchTerms}
SearchScopes: HKLM -> {AA01AFE9-E886-40EE-BA3D-ADEB15260B58} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1434698273&z=737ceb2b0fb3b04812d4670gdzec4z1q7tab9obw7b&from=ient06182&uid=ST500LT012-1DG142_S3PCQ85D&q={searchTerms}
SearchScopes: HKLM-x32 -> {AA01AFE9-E886-40EE-BA3D-ADEB15260B58} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-2562165561-2641732231-254196661-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2562165561-2641732231-254196661-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-07-31] (Microsoft Corporation)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-04-30] (Microsoft Corporation)
BHO-x32: No Name -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> No File
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-31] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-31] (Microsoft Corporation)
Edge:
======
Edge Extension: (AutoFormFill) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [2017-09-29]
Edge Extension: (LearningTools) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [2018-03-18]
FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-09-03] ()
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-09-03] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-03-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-04] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.seznam.cz/?clid=22668
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR DefaultSearchURL: Default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Profile: C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default [2018-09-03]
CHR Extension: (Prezentace) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-20]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-05-06]
CHR Extension: (YouTube) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-19]
CHR Extension: (Vyhledávání Google) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-20]
CHR Extension: (Tabulky) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-03]
CHR Extension: (Avast Online Security) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-05-09]
CHR Extension: (Gmail) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-21]
CHR Extension: (Chrome Media Router) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-05]
CHR HKU\S-1-5-21-2562165561-2641732231-254196661-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2562165561-2641732231-254196661-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2562165561-2641732231-254196661-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2562165561-2641732231-254196661-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-08-21] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-21] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8853984 2018-08-09] (Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-24] (HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (HP Inc.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2014-12-16] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [214520 2017-01-05] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2017-04-07] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\NisSrv.exe [356176 2017-12-13] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MsMpEng.exe [105792 2017-12-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [197160 2018-08-21] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229392 2018-08-21] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201328 2018-08-21] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-08-21] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59592 2018-08-21] (AVAST Software)
S3 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-08-21] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239680 2018-08-21] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2018-08-21] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159640 2018-08-21] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111872 2018-08-21] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-08-21] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027728 2018-08-21] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467064 2018-08-21] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [211160 2018-08-21] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381584 2018-08-21] (AVAST Software)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [100624 2015-06-08] (CyberLink)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [29464 2014-01-23] (Intel Corporation)
R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2017-09-29] (MediaTek Inc.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [29936 2013-12-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2017-12-13] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [288848 2017-12-13] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2017-12-13] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys [34960 2018-02-02] (HP)
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-03 21:22 - 2018-09-03 21:22 - 000002566 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-09-03 21:22 - 2018-09-03 21:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2018-09-03 21:21 - 2018-09-03 21:22 - 007566544 _____ (Malwarebytes) C:\Users\Ondřej\Downloads\adwcleaner_7.2.3.exe
2018-09-03 21:17 - 2018-09-03 21:20 - 000025044 _____ C:\Users\Ondřej\Downloads\FRST.txt
2018-09-03 21:13 - 2018-09-03 21:17 - 000000000 ____D C:\FRST
2018-09-03 21:08 - 2018-09-03 21:09 - 002413056 _____ (Farbar) C:\Users\Ondřej\Downloads\FRST64.exe
2018-09-03 20:55 - 2018-09-03 20:55 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2018-08-23 17:55 - 2018-08-23 18:11 - 000000000 ____D C:\Users\Ondřej\AppData\Local\AVAST Software
2018-08-23 17:55 - 2018-08-23 17:55 - 000002016 _____ C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Avast Passwords.lnk
2018-08-23 17:55 - 2018-08-23 17:55 - 000001992 _____ C:\Users\Ondřej\Desktop\Avast Passwords.lnk
2018-08-23 17:54 - 2018-08-23 18:11 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump
2018-08-21 11:30 - 2018-08-21 11:29 - 000378072 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-08-21 11:30 - 2018-08-21 11:29 - 000015360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2018-08-08 21:29 - 2018-08-08 21:29 - 000000000 ____D C:\Windows.old
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-03 21:26 - 2017-09-29 15:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-09-03 21:25 - 2014-12-01 20:49 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Adobe
2018-09-03 21:22 - 2017-11-07 20:14 - 000002560 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-09-03 21:22 - 2017-11-07 20:14 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-09-03 21:22 - 2017-11-07 20:14 - 000002532 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-09-03 21:22 - 2017-11-07 20:14 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2018-09-03 21:22 - 2017-11-07 20:14 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-09-03 21:22 - 2017-11-07 20:14 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-09-03 21:22 - 2017-11-07 20:14 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-09-03 21:20 - 2017-12-13 19:08 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-09-03 21:19 - 2014-05-03 21:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-09-03 21:17 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-09-03 21:16 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-09-03 21:02 - 2018-03-13 22:05 - 000004636 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-09-03 21:02 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-09-03 21:02 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-09-03 20:57 - 2017-10-01 18:55 - 000000000 ____D C:\Program Files\rempl
2018-09-03 20:55 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-09-03 20:52 - 2018-01-06 20:12 - 000000000 ____D C:\Program Files (x86)\Steam
2018-09-03 20:52 - 2014-11-27 18:32 - 000000000 ____D C:\Users\Ondřej\Documents\Youcam
2018-09-03 20:45 - 2016-05-30 09:58 - 000000000 __SHD C:\Users\Ondřej\IntelGraphicsProfiles
2018-09-03 20:43 - 2017-12-08 17:05 - 000000000 ____D C:\Users\Ondřej
2018-09-03 20:35 - 2017-12-08 18:31 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2562165561-2641732231-254196661-1001
2018-09-03 20:35 - 2016-05-30 10:30 - 000002433 _____ C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-09-03 20:35 - 2014-11-27 18:34 - 000000000 __RDO C:\Users\Ondřej\OneDrive
2018-09-03 20:33 - 2017-12-08 18:31 - 000004192 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F2FCDC34-3331-4502-BE97-952B1E63B756}
2018-09-03 20:24 - 2017-12-08 16:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-09-03 20:07 - 2017-12-08 18:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-09-03 20:06 - 2017-09-29 10:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-09-03 20:02 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-08-23 18:42 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-08-23 18:34 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-08-23 17:49 - 2018-07-29 11:18 - 000000348 _____ C:\WINDOWS\Tasks\HPCeeScheduleForOndřej.job
2018-08-21 11:32 - 2014-12-08 20:31 - 000467064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-08-21 11:30 - 2017-09-29 15:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-08-21 11:29 - 2017-12-13 19:06 - 000197160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-08-21 11:29 - 2014-12-08 20:31 - 000381584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-08-21 11:29 - 2014-12-08 20:31 - 000211160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-08-21 11:29 - 2014-12-08 20:31 - 000159640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-08-21 11:29 - 2014-12-08 20:31 - 000111872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-08-21 11:29 - 2014-12-08 20:31 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-08-21 11:29 - 2014-12-08 20:31 - 000046976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-08-21 11:28 - 2018-01-05 17:48 - 000239680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-08-21 11:28 - 2017-12-13 19:06 - 000346664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-08-21 11:28 - 2017-12-13 19:06 - 000229392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-08-21 11:28 - 2017-12-13 19:06 - 000201328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-08-21 11:28 - 2017-12-13 19:06 - 000059592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-08-21 11:28 - 2014-12-08 20:31 - 001027728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-08-20 17:18 - 2018-07-29 11:18 - 000003244 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForOndřej
2018-08-08 23:27 - 2018-04-12 18:55 - 000000000 ___HD C:\$WINDOWS.~BT
2018-08-08 23:24 - 2017-11-30 14:42 - 000000000 ___DC C:\WINDOWS\Panther
2018-08-05 16:27 - 2018-08-01 21:05 - 000000000 ___HD C:\$SysReset
==================== Files in the root of some directories =======
2017-04-12 23:22 - 2017-04-12 23:22 - 007639040 _____ () C:\Program Files (x86)\GUT3A6A.tmp
2007-04-04 20:21 - 2007-04-04 20:21 - 001723904 _____ () C:\Program Files (x86)\Microsoft_DirectX_SDK.msi
2007-04-04 19:53 - 2007-04-04 19:53 - 000079208 _____ (Microsoft Corporation) C:\Program Files (x86)\Setup.exe
Some files in TEMP:
====================
2018-08-01 20:38 - 2018-08-01 20:38 - 000534528 _____ () C:\Users\Ondřej\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-08-08 23:33
==================== End of FRST.txt ============================
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03
Ran by Ondřej (03-09-2018 21:29:07)
Running from C:\Users\Ondřej\Downloads
Windows 10 Home Version 1709 16299.547 (X64) (2017-12-09 15:44:08)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2562165561-2641732231-254196661-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2562165561-2641732231-254196661-503 - Limited - Disabled)
Guest (S-1-5-21-2562165561-2641732231-254196661-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2562165561-2641732231-254196661-1003 - Limited - Enabled)
Ondřej (S-1-5-21-2562165561-2641732231-254196661-1001 - Administrator - Enabled) => C:\Users\Ondřej
WDAGUtilityAccount (S-1-5-21-2562165561-2641732231-254196661-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty(R) 2 (HKLM-x32\...\{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.3 - Activision)
Call of Duty(R) 2 Patch 1.3 (HKLM-x32\...\{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}) (Version: 1.3 - ) Hidden
Call of Duty(R) 2 Patch 1.3 (HKLM-x32\...\{C13E90B0-4E1C-11DB-6784-0152EAA218BE}) (Version: 1.3 - Activision)
CoD 2 čeština (HKLM-x32\...\CoD 2 čeština_is1) (Version: - #'Pan[S]al!er!)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.9.4928 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.10.5422 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Deer Hunter - The 2005 Season Demo (HKLM-x32\...\Deer Hunter 2005 Demo_is1) (Version: - Atari, Inc.)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
DriverDoc (HKLM-x32\...\{4D0A0750-B034-4DF8-97DE-26F1212AC2FF}) (Version: 1.3.2 - Solvusoft Corporation) Hidden
DriverDoc (HKLM-x32\...\DriverDoc) (Version: 1.3.2 - Solvusoft Corporation)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Express Courier Beta verze 0.3.6 (HKLM-x32\...\{56224C24-4579-4A63-80E2-18284A0990F7}_is1) (Version: 0.3.6 - Simopt, s.r.o.)
Fotogaléria (HKLM-x32\...\{08466673-3905-4437-93E8-34A221B7CA4E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free Online TV (HKLM-x32\...\Free Online TV_is1) (Version: 1 - NETGATE Technologies s.r.o.)
GamePark klient 2.0.9.0 (HKLM\...\{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1) (Version: 2.0.9.0 - GamePark)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{F29E3AA8-CF19-4452-92B7-F1FE31CD11C5}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7372.4698 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.6.18.11 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{79CA8D8A-8371-4146-8920-C1405318E65E}) (Version: 12.9.24.3 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{025C1573-2F1D-46AF-BAB8-594EBF56A889}) (Version: 1.4.11 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Utility Center (HKLM\...\{891A1782-8B20-4403-8383-458962525926}) (Version: 2.3.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard Company)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
MediaHuman YouTube to MP3 Converter 3.9.8.24 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.9.8.24 - MediaHuman)
Mediatek Bluetooth (HKLM\...\{16BCAEDC-C115-1729-07C4-7A0091C699A6}) (Version: 11.0.749.0 - Mediatek)
Microsoft Office 2010 pro studenty a domácnosti (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.10325.20118 - Microsoft Corporation)
Microsoft Office Basic Edition 2003 (HKLM-x32\...\{91130405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2562165561-2641732231-254196661-1001\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{379A0618-EF50-423C-9637-EEB2D25A4BB4}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{3C5F91EF-5C0B-4D13-BCBE-0FC6FC3ED7F9}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{CFBFE244-6269-41DC-85B6-86F99C88ED02}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{54194F60-988C-4D03-B922-C2B00EFDA39A}) (Version: 9.10.0222 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{C560D6E7-E40A-435D-8B71-62CBCF1701B2}) (Version: 4.11.9775 - Apache Software Foundation)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.50.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29082 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.35.716.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7634 - Realtek Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-2562165561-2641732231-254196661-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{A6F2ADC4-12C4-41E8-B90B-3BE018F5787C}) (Version: 2.48.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
World of Tanks (HKU\S-1-5-21-2562165561-2641732231-254196661-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2562165561-2641732231-254196661-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => No File
CustomCLSID: HKU\S-1-5-21-2562165561-2641732231-254196661-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-21] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-21] (AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-21] (AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-01-15] (Cyberlink)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-01-15] (Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-21] (AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-21] (AVAST Software)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03A3AB45-C7B7-43B0-B015-59F3A7B58BDE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {04032CC2-179D-4C95-BB7D-A01B248E03E3} - System32\Tasks\adf9ec37-1363-4db4-8a24-aa0164210f70-4 => C:\Program Files (x86)\Internet Speed Checker\adf9ec37-1363-4db4-8a24-aa0164210f70-4.exe <==== ATTENTION
Task: {0A183497-113D-4D74-81E4-9BCF74AC41BC} - System32\Tasks\avastBCLRestart_chrome.exe => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {0B98DE56-2389-498C-9DC8-B34673111A96} - System32\Tasks\avastBCLRestartS-1-5-21-2562165561-2641732231-254196661-1001 => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {15A41C6E-937C-491A-9BDD-037813A87956} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {193D9995-B9DB-4E5B-9374-D79623CC014C} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {2717ABF9-7657-408B-A249-C8E06BFD263C} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2017-08-18] (Synaptics Incorporated)
Task: {32A059CF-2CD8-4012-B33F-D63B298A1CFC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3C540EE8-7FEC-40AF-B6E8-A9F735C7DAA2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-09-03] (Adobe Systems Incorporated)
Task: {42B82822-D367-41AC-9A46-4782FAB3EC1C} - \WPD\SqmUpload_S-1-5-21-2562165561-2641732231-254196661-1001 -> No File <==== ATTENTION
Task: {4A3873F2-0932-4199-860E-0EF8C576501A} - System32\Tasks\{486F8833-29E9-4DF8-B41B-685C6040C4CD} => C:\Windows\system32\pcalua.exe -a "C:\Users\Ondřej\Desktop\Mafia 1\Mafia 1 ľ Plna Verze Hry ľ CZ\Uninstall\setup.exe" -d "C:\Users\Ondřej\Desktop\Mafia 1\Mafia 1 ľ Plna Verze Hry ľ CZ\Uninstall"
Task: {4D5C4DCD-A890-4BAC-B7AC-8351C85831C8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4E277E5A-D5C4-4C49-B56A-83D3D1ABE959} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {4EFD9B5F-2CFE-4747-B925-2D46C129F64F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {554226CC-AFC1-48B9-B34E-54CA155B94E7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {5A8272B2-0003-4A7F-A07B-57EF12606EF4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {5CE5FC80-7FFF-4591-8589-522418B96832} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2018-07-12] (Microsoft Corporation)
Task: {6529D049-7CF9-49BC-A893-32D0E688CE9C} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {66344809-754D-45D7-8E26-AF2B643EA665} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-09-03] (Microsoft Corporation)
Task: {711CA8E2-0688-4C4F-9E9D-82189043EE9F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-09-03] (Microsoft Corporation)
Task: {79F5F241-E6A0-4029-9156-C812763FE724} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-03-07] (CyberLink Corp.)
Task: {80F5334E-F7C6-4600-88A8-6D35D88A1110} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {80FCA74E-8427-4A4E-8AF2-BE20BEDD3CB4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {813CB8E0-9CCD-412B-BF52-6C458541748E} - System32\Tasks\{B61BEC5A-3F88-4D0D-988D-CE0AD2CD8555} => C:\Windows\system32\pcalua.exe -a "C:\Users\Ondřej\Desktop\Mafia 1\Mafia 1 ľ Plna Verze Hry ľ CZ\Setup.exe" -d "C:\Users\Ondřej\Desktop\Mafia 1\Mafia 1 ľ Plna Verze Hry ľ CZ"
Task: {83E4A6A3-B56D-49FF-833A-D09D4DBC7AB0} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-03] (Microsoft Corporation)
Task: {84850533-DB9E-4D23-8994-65B7C507227D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-09] (Microsoft Corporation)
Task: {87949786-64DA-4E6D-8DF0-5EABB07437BC} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask => C:\WINDOWS\System32\GWX\GWXUXWorker.exe
Task: {881AAD3F-DB78-4E41-9E21-8EA881E72E14} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {90E14AAF-876D-4985-8E0D-360F5F40DD08} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {93E7E05B-F250-40FD-ADD7-A5A80F31DCF5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {94EEE6FC-BFF6-4662-BF6E-D6179F309720} - System32\Tasks\{F8816750-E235-4387-BA99-C652D06A69CF} => C:\Windows\system32\pcalua.exe -a C:\Users\Ondřej\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=cvs <==== ATTENTION
Task: {9882A9EB-E50C-43FC-9259-5739246DF708} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {9C9E1210-B476-45DE-86D0-1C0C7856CEAC} - System32\Tasks\{BD11348D-7066-47C9-A9EC-1675A93DDB8F} => C:\Windows\system32\pcalua.exe -a "C:\Users\Ondřej\Desktop\call of duty 2 cz\DirectX\dxsetup.exe" -d "C:\Users\Ondřej\Desktop\call of duty 2 cz\DirectX"
Task: {A12D9849-E39D-475D-9EA3-1B5965B253F3} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {A54CF1A5-0EE2-44DE-85FE-36C735BC38EB} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A60FCABD-B94E-48EA-BE63-7B875AD14DC1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-09] (Microsoft Corporation)
Task: {A70BF27C-99F3-4FFB-A619-900E93944AB7} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {B02271AA-C9B5-4C63-BA93-D249BF0A0A4E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {BE73127D-EB1F-4A6A-BAD2-A45E28106C68} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-09-03] (AVAST Software)
Task: {C3652607-82B5-42A5-A715-41A4D6364C7C} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-24] ()
Task: {C4274DA5-64BA-4E9C-AB50-D987C6813232} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-06-27] (HP Inc.)
Task: {C74F372A-0EF1-4596-9016-F4B5278D62D1} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-09-03] (Adobe Systems Incorporated)
Task: {D74D1EDC-A561-4066-B9A5-425C970C8DE2} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-06-05] (AVAST Software)
Task: {DCB08EA6-A487-4F0A-A078-FB23C2295DBA} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {DCB699EF-47E4-4C33-9F00-4412F316256E} - System32\Tasks\HPCeeScheduleForOndřej => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {E057B32C-5C1C-49FA-BFB7-4A6867BBC678} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E1AA7217-5B95-4191-A233-45C2B12FAB74} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {E1F10D4A-FF66-4661-B3BF-8C8B5587EED9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-09-03] (Microsoft Corporation)
Task: {E1FBA659-8C46-4D78-821E-7E5E47723A54} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {E20A914B-20E6-4F00-888A-30C3B09559CA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-03] (Microsoft Corporation)
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\adf9ec37-1363-4db4-8a24-aa0164210f70-4" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\Adobe Flash Player Updater" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CLVDLauncher" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\CreateChoiceProcessTask" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\HPCeeScheduleForOndřej" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\LaunchSignup" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-2562165561-2641732231-254196661-1001" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\Optimize Start Menu Cache Files-S-1-5-21-2562165561-2641732231-254196661-500" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\Synaptics TouchPad Enhancements" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{F2FCDC34-3331-4502-BE97-952B1E63B756}" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\YCMServiceAgent" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\{486F8833-29E9-4DF8-B41B-685C6040C4CD}" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\{B61BEC5A-3F88-4D0D-988D-CE0AD2CD8555}" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\{BD11348D-7066-47C9-A9EC-1675A93DDB8F}" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\{F8816750-E235-4387-BA99-C652D06A69CF}" /ENABLE
Task: {E7A7EBE7-F84D-4333-808A-4227DE3648F7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {EDA39620-D012-4755-880F-CC99DF1F7993} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F0381889-80F6-4305-9D40-F74F833022E5} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2015-06-22] (CyberLink Corp.)
Task: {F525E7BA-245C-4C6D-99D6-AB8E19C74691} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {F5D49BA2-D070-44E0-9404-F83D37758831} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {F9C706F7-71B1-4935-AA3F-467A549C140F} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-09-03] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\adf9ec37-1363-4db4-8a24-aa0164210f70-4.job => C:\Program Files (x86)\Internet Speed Checker\adf9ec37-1363-4db4-8a24-aa0164210f70-4.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\HPCeeScheduleForOndřej.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2014-12-16 21:00 - 2014-12-16 21:00 - 000075064 ____N () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-16 21:00 - 2017-01-05 21:23 - 000214520 ____N () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-07-12 19:30 - 2018-06-13 23:09 - 002988032 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.PeoplePicker.dll
2017-09-29 15:41 - 2017-09-29 15:41 - 002459648 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.Relevance.dll
2017-09-29 15:41 - 2017-09-29 15:41 - 000484352 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-07-12 19:30 - 2018-06-29 10:00 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-07-12 19:30 - 2018-06-29 09:57 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-18 18:41 - 2018-07-18 18:45 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-07-18 18:41 - 2018-07-18 18:45 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-07-18 18:41 - 2018-07-18 18:45 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-07-18 18:41 - 2018-07-18 18:45 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
2018-07-18 18:41 - 2018-07-18 18:45 - 000653824 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-07-03 15:08 - 2018-06-22 21:15 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libglesv2.dll
2018-07-03 15:08 - 2018-06-22 21:15 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libegl.dll
2017-09-29 15:41 - 2017-09-29 15:41 - 000047616 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUITelemetry.dll
2018-07-12 19:30 - 2018-06-13 23:07 - 004173824 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll
2018-06-25 11:07 - 2018-06-08 08:01 - 003662336 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
2018-07-31 09:30 - 2018-07-31 10:21 - 000066048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2018-09-03 20:46 - 2018-09-03 20:46 - 000098816 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32api.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000110080 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\pywintypes27.dll
2018-09-03 20:46 - 2018-09-03 20:46 - 000364544 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\pythoncom27.dll
2018-09-03 20:46 - 2018-09-03 20:46 - 000320512 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32com.shell.shell.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000914432 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\_hashlib.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 001176576 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\wx._core_.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000806400 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\wx._gdi_.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000816128 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\wx._windows_.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 001067008 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\wx._controls_.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000733184 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\wx._misc_.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000682496 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\pysqlite2._sqlite.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000088064 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\_ctypes.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000686080 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\unicodedata.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000119808 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32file.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000108544 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32security.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000007168 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\hashobjs_ext.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000017920 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\thumbnails_ext.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000088064 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\usb_ext.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000012800 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\common.time34.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000018432 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32event.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000167936 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32gui.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000046080 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\_socket.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 001303552 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\_ssl.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000128512 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\_elementtree.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000127488 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\pyexpat.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000038912 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32inet.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000036864 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\_psutil_windows.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000525208 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\windows._lib_cacheinvalidation.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000011264 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32crypt.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000123392 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\wx._wizard.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000077312 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\wx._html2.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000027648 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\_multiprocessing.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000020480 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\_yappi.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000035840 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32process.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000078848 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\wx._animate.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000024064 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32pipe.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000010240 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\select.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000025600 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32pdh.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000017408 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32profile.pyd
2018-09-03 20:46 - 2018-09-03 20:46 - 000022528 ____R () C:\Users\ONDEJ~1\AppData\Local\Temp\_MEI19002\win32ts.pyd
2018-03-05 10:18 - 2018-03-05 10:18 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-08-21 11:29 - 2018-08-21 11:29 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-08-21 11:28 - 2018-08-21 11:28 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2003-07-15 07:52 - 2003-07-15 07:52 - 000027704 _____ () C:\Program Files (x86)\Microsoft Office\OFFICE11\MSODCW.DLL
2003-07-15 07:52 - 2003-07-15 07:52 - 000039992 _____ () C:\Program Files (x86)\Common Files\microsoft shared\DW\DWDCW20.DLL
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2018-08-20 16:46 - 000000825 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2562165561-2641732231-254196661-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ondřej\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\tapeta programu windows prohlížeč fotografií.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B7528DB0-481B-4B71-97CF-87B0C6A1856A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [UDP Query User{0B2AC7A5-7CCD-443E-92F2-99ED8109DA1E}C:\users\ondřej\desktop\call of duty - black ops\blackops (2).exe] => (Block) C:\users\ondřej\desktop\call of duty - black ops\blackops (2).exe
FirewallRules: [TCP Query User{C8916825-E87A-4D39-BDD5-6729BCA97BAC}C:\users\ondřej\desktop\call of duty - black ops\blackops (2).exe] => (Block) C:\users\ondřej\desktop\call of duty - black ops\blackops (2).exe
FirewallRules: [UDP Query User{1369023F-2F85-4F37-962D-C62038D2F88B}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Allow) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [TCP Query User{1C34436F-579A-447E-9B55-1535BFA1FC70}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Allow) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [{8307FDA0-6EC2-4559-BD5A-80B64ECA2F15}] => (Allow) C:\Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe
FirewallRules: [{E77FB7A3-ADE5-4DFC-9A95-0F389141263B}] => (Allow) C:\Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe
FirewallRules: [{410C16BC-B702-4E8C-8291-EB7DE83F0FEC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AC9E20BF-991A-47B6-99DA-FB8720C8F106}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5CA13096-AE9B-4167-82F6-26F14318452C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3A306298-FAC3-4BF5-A3AA-B4410B81DE10}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4F4EFFB1-10D2-40CE-91C8-6113D2720A3D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{88691956-ABC2-4B71-8F51-A1023FBD1697}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{D2BFDE14-E573-4194-81F8-327D05CB1A1B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{BFA8E751-1E96-4431-9380-2C5DB20B05D8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{07D613C9-102A-4CDB-800B-DB8E191967C5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{3D77B4C1-3857-4637-B381-F242222A6998}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{73E106F8-6517-46AA-A557-5D6C6452C09C}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{17D44C78-2D2E-4021-A60B-41AA13F6C102}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{1541C3A7-716F-4561-93CE-2674FC1BBDE6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6A9C50EC-6469-42AA-AF42-DF8FF4CDE74D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6B08247C-BDCA-4EF1-8D98-77FEA100D833}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4C8A9D64-01E4-4161-8515-0DC59274622B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D1361036-9FAC-42AB-8228-26D670AE114D}] => (Allow) LPort=1900
FirewallRules: [{59EDCD6C-3DAD-438B-969C-58BF47E23FBA}] => (Allow) LPort=2869
FirewallRules: [{14BBC30B-4772-4B9E-B35B-FE19F2AB909A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2AC9D0AB-2C4B-4C6E-8B78-89578E5AA3F1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{564DEDFB-2B70-456A-9951-9867C30E014C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{CBE4A36D-7B7D-448D-A827-400162F10D7F}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{34BC3136-6E76-478F-A410-ED9537DAAD3D}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{17F2A35C-DC69-4EB8-B7D4-149998BF11A6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{D2AB1C85-AB00-4A54-A7CA-C7306CE582BE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{D40DCAE4-28E0-4FD4-97DA-F3A6F9508030}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{FB33737F-183E-408A-86BC-E8FE9EBA6D1F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{6A50F561-749F-4D78-955E-6AF76300B7EC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{A2EF9A74-2829-4B42-9A1D-0FE5C852EE49}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{C85C7F83-6377-485F-A6C5-0F3583D832BB}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
==================== Restore Points =========================
08-08-2018 21:35:49 Windows Update
03-09-2018 20:52:47 Windows Update
03-09-2018 20:55:18 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/03/2018 09:28:11 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Aktualizaci {8B689F89-5E1C-4DA9-B2B1-7B3843275596} produktu Microsoft Office Professional 2007 nebylo možné nainstalovat. Kód chyby: 1642. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127
Error: (09/03/2018 09:27:58 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu WmiApRpl v knihovně DLL C:\WINDOWS\system32\wbem\wmiaprpl.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (09/03/2018 09:27:56 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (09/03/2018 09:27:56 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu MSDTC v knihovně DLL C:\WINDOWS\system32\msdtcuiu.DLL se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (09/03/2018 09:27:54 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu Lsa v knihovně DLL C:\Windows\System32\Secur32.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (09/03/2018 09:27:54 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu ESENT v knihovně DLL C:\WINDOWS\system32\esentprf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (09/03/2018 08:54:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (09/03/2018 08:43:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15656
System errors:
=============
Error: (09/03/2018 09:22:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/03/2018 09:06:29 PM) (Source: DCOM) (EventID: 10016) (User: ONDRA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Ondra\Ondřej (SID: S-1-5-21-2562165561-2641732231-254196661-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/03/2018 09:00:54 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (09/03/2018 08:57:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zjišťování interaktivních služeb byla ukončena s následující chybou:
Nesprávná funkce.
Error: (09/03/2018 08:57:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zjišťování interaktivních služeb byla ukončena s následující chybou:
Nesprávná funkce.
Error: (09/03/2018 08:57:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zjišťování interaktivních služeb byla ukončena s následující chybou:
Nesprávná funkce.
Error: (09/03/2018 08:57:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zjišťování interaktivních služeb byla ukončena s následující chybou:
Nesprávná funkce.
Error: (09/03/2018 08:57:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zjišťování interaktivních služeb byla ukončena s následující chybou:
Nesprávná funkce.
Windows Defender:
===================================
Date: 2017-12-13 15:24:33.676
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Misleading:Win32/Sofolview
ID: 240761
Závažnost: Vysoké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Program Files (x86)\Solvusoft\SuiteService.exe;process:_pid:3180,ProcessStart:131576479283872272;regkey:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS\\C:\Program Files (x86)\Solvusoft\SuiteService.exe;service:_Solvusoft Suite Service;shareddll:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS\\C:\Program Files (x86)\Solvusoft\SuiteService.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files (x86)\Solvusoft\SuiteService.exe
Verze podpisu: AV: 1.259.206.0, AS: 1.259.206.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14405.2, NIS: 2.1.14202.0
Date: 2017-12-13 15:22:18.027
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Misleading:Win32/Sofolview
ID: 240761
Závažnost: Vysoké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Program Files (x86)\Solvusoft\SuiteService.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClient.exe
Verze podpisu: AV: 1.259.206.0, AS: 1.259.206.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14405.2, NIS: 2.1.14202.0
Date: 2017-12-13 15:22:00.183
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Misleading:Win32/Sofolview
ID: 240761
Závažnost: Vysoké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe;regkey:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\CommonToolkitTray_Solvusoft;regkey:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS\\C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe;runkey:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\CommonToolkitTray_Solvusoft;shareddll:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS\\C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: Ondra\Ondřej
Název procesu: C:\Windows\SysWOW64\runonce.exe
Verze podpisu: AV: 1.259.206.0, AS: 1.259.206.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14405.2, NIS: 2.1.14202.0
Date: 2017-12-13 15:21:52.519
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Misleading:Win32/Sofolview
ID: 240761
Závažnost: Vysoké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Program Files (x86)\Solvusoft\SuiteService.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClient.exe
Verze podpisu: AV: 1.259.206.0, AS: 1.259.206.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14405.2, NIS: 2.1.14202.0
Date: 2017-12-13 15:15:33.248
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Misleading:Win32/Sofolview
ID: 240761
Závažnost: Vysoké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: Ondra\Ondřej
Název procesu: C:\Windows\SysWOW64\runonce.exe
Verze podpisu: AV: 1.259.206.0, AS: 1.259.206.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14405.2, NIS: 2.1.14202.0
Date: 2018-06-05 16:27:43.161
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.259.257.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14405.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.
Date: 2018-06-05 16:27:43.160
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 118.2.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Systém kontroly sítě
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 2.1.14202.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.
Date: 2018-06-05 16:27:43.120
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.259.257.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14405.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.
Date: 2018-06-05 16:27:43.119
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.259.257.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14405.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.
Date: 2018-06-05 16:27:43.118
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.259.257.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14405.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.
CodeIntegrity:
===================================
Date: 2018-09-03 21:29:12.427
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-03 21:29:12.420
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-03 21:28:45.398
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-03 21:28:45.389
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-03 21:28:35.356
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-03 21:28:35.349
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-03 21:28:33.334
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-03 21:28:33.329
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Percentage of memory in use: 76%
Total physical RAM: 3984.27 MB
Available physical RAM: 950.41 MB
Total Virtual: 6416.27 MB
Available Virtual: 2933.29 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:447.39 GB) (Free:133.87 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:16.44 GB) (Free:1.58 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{39cca1ee-f533-4ed8-b528-949863bc2cf9}\ (WINRE) (Fixed) (Total:0.63 GB) (Free:0.35 GB) NTFS
\\?\Volume{3bf443ea-3e87-4c31-9d37-a1c1f02ff2f0}\ () (Fixed) (Total:0.25 GB) (Free:0.14 GB) FAT32
\\?\Volume{217352a0-c3bf-4935-b4bb-72967679f681}\ () (Fixed) (Total:0.9 GB) (Free:0.34 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6724854A)
Partition: GPT.
==================== End of Addition.txt ============================
Ak nepouzivas, odorucam 