VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

kontrola logu- zpomalený pc, vnucený yahoo vyhledávač

https://forum.viry.cz:443/viewtopic.php?t=154921

Stránka 1 z 2

kontrola logu- zpomalený pc, vnucený yahoo vyhledávač

Napsal: 30 zář 2018 06:28
od wegel
Dobrý den, poprosil bych o kontrolu logu. Poslední dobou celkem zpomalené PC, někdy při Google Chrome zatížení paměti až 95%, Firefox mi sám nainstaloval yahoo vyhledávač a nešlo ho zrušit,jen potvrdit a následně nešel odinstalovat.Tak jsem odinstaloval celý Firefox ale koukám , že nějaké zbytky z něj zbyly, případně i ty bych potřeboval poradit jak nejhodněji smazat.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28.09.2018
Ran by Milan (administrator) on MILAN-PC (30-09-2018 07:08:18)
Running from C:\Users\Milan\Desktop
Loaded Profiles: Milan (Available Profiles: UpdatusUser & Milan)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\mdm.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Sidebar\sidebar.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Philips Display\SmartControl\dthtml.exe
(Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Floater.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6628968 2011-05-03] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-09-16] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-08-23] (Apple Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] => "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [110192 2010-05-13] ()
HKLM-x32\...\Run: [DT PLP] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [121456 2010-05-17] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1500160 2011-06-16] (Nokia)
HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [3015072 2016-01-19] (Comfort Software Group)
HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\Run: [GoogleChromeAutoLaunch_27F903477283DEE2D82EF65AEF1A178E] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1469784 2018-09-15] (Google Inc.)
HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_pepper.exe [1366528 2018-05-06] (Adobe Systems Incorporated)
HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\MountPoints2: {0fa5cda4-91c3-11e1-8dcc-6c626de9a39d} - J:\autorun.exe
HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\MountPoints2: {6b147fbf-3cda-11e4-9e7c-6c626de9a39d} - E:\LGAutoRun.exe
HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{C040E690-7EAE-4223-BC6B-1B6051944ECC}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = hxxp://www.crawler.com/search/dispatcher.aspx? ... tbid=60347
SearchScopes: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001 -> {28D505E6-9692-43A9-B056-6E9736AAADF6} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316_yserp&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001 -> {4980EDEB-7F01-46C0-8CB9-6AEAAC7A6597} URL = hxxp://search.eshield.com/serp?guid={8AF14FD7-8F30-4447-9BA8-02EE4B2D8ACF}&action=default_search&k={searchTerms}
SearchScopes: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001 -> {56CCFF7B-25C1-4AA1-9E4B-1A1F40929B97} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=11467
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-09-27] (McAfee, Inc.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2017-01-03] (Eyeo GmbH)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: No Name -> {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} -> No File
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-09-27] (McAfee, Inc.)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2017-01-03] (Eyeo GmbH)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\.DEFAULT -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\.DEFAULT -> No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
IE Session Restore: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001 -> is enabled.
DPF: HKLM-x32 {8167C273-DF59-4416-B647-C8BB2C7EE83E} hxxp://liveupdate.msi.com.tw/autobios/LOnline/RELEASECAB/install.cab
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-09-27] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-09-27] (McAfee, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: jqqxrgsb.default
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\jqqxrgsb.default [2018-09-29]
FF Homepage: Mozilla\Firefox\Profiles\jqqxrgsb.default ->
about:newtab
FF Session Restore: Mozilla\Firefox\Profiles\jqqxrgsb.default -> is enabled.
FF Extension: (Avast SafePrice) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\jqqxrgsb.default\Extensions\sp@avast.com.xpi [2018-06-20]
FF Extension: (Avast Online Security) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\jqqxrgsb.default\Extensions\wrc@avast.com.xpi [2018-05-26]
FF Extension: (FamilyFriendly Parental Control) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\jqqxrgsb.default\Extensions\{6a2b1f3a-fd62-480d-96ad-4714bfffa22d}.xpi [2018-07-15]
FF Extension: (Firefox Monitor) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\jqqxrgsb.default\features\{ddcf68e9-bd4b-46c3-8c75-d41c93af95fd}\fxmonitor@mozilla.org.xpi [2018-09-28]
FF Extension: (Telemetry coverage) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\jqqxrgsb.default\features\{ddcf68e9-bd4b-46c3-8c75-d41c93af95fd}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-09-28] [Legacy]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-05-15]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-10] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.11.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-01-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-10-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-10-02] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3170063520-3094865265-1537349500-1001: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [2018-06-29] (TD Ameritrade)
FF Plugin HKU\S-1-5-21-3170063520-3094865265-1537349500-1001: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [2018-06-29] (TD Ameritrade)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.facebook.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default [2018-09-30]
CHR Extension: (Překladač Google) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-19]
CHR Extension: (WOT: Web of Trust, hodnocení webů) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2018-06-28]
CHR Extension: (Moje IP adresa) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccfphbgnmmhjfalloifioeeeokjemobf [2014-07-08]
CHR Extension: (Adblock Plus) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-09-12]
CHR Extension: (Adblock na Youtube™) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2018-09-14]
CHR Extension: (Parental Controls & Web Filter from MetaCert) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpfbddcgbimoafpgmbbjiliegkfcjkmn [2018-04-22]
CHR Extension: (Block Site - Website Blocker for Chrome™) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2018-06-20]
CHR Extension: (Avast Passwords) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2018-08-15]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-09-20]
CHR Extension: (Avira Browser Safety) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-05-26]
CHR Extension: (Avast Online Security) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-26]
CHR Extension: (Tiny WebFilter: Anti-Porn & Block Adult Sites) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hijnjfkkfccbdcgbbcdidhgfgfhiapib [2017-05-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-13]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-08-23] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-09-16] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-21] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-09-16] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [431544 2018-09-16] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-21] (AVAST Software)
S4 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
S4 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe [121456 2010-05-17] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604824 2018-09-27] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 HP LaserJet Service; "C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2015-01-26] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2015-01-26] (LG Electronics Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [199712 2018-09-16] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229384 2018-09-16] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201320 2018-09-16] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-09-16] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59568 2018-09-16] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-09-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163392 2018-09-16] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2018-02-10] (AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [662056 2018-09-16] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111864 2018-09-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87904 2018-09-16] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027720 2018-09-16] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467320 2018-09-16] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215920 2018-09-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381560 2018-09-16] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-04-29] (DT Soft Ltd)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2015-12-24] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
S3 MSI_MSIBIOS_010507; C:\Program Files\MSI\MSIWDev\msibios64_100507.sys [33592 2010-05-10] (Your Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2010-04-28] (Marvell Semiconductor, Inc.)
S3 NTIOLib_1_0_8; C:\Program Files\MSI\MSIWDev\NTIOLib_X64.sys [11888 2011-01-27] (MSI) [File not signed]
R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [20592 2010-04-16] (Portrait Displays, Inc.)
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-30 07:08 - 2018-09-30 07:09 - 000026811 _____ C:\Users\Milan\Desktop\FRST.txt
2018-09-30 07:07 - 2018-09-30 07:08 - 000000000 ____D C:\FRST
2018-09-30 07:05 - 2018-09-29 23:30 - 002414080 _____ (Farbar) C:\Users\Milan\Desktop\FRST64.exe
2018-09-30 07:05 - 2018-09-29 23:19 - 007592144 _____ (Malwarebytes) C:\Users\Milan\Desktop\adwcleaner_7.2.4.0.exe
2018-09-29 23:23 - 2018-09-29 23:30 - 002414080 _____ (Farbar) C:\Users\Milan\Downloads\FRST64.exe
2018-09-29 23:18 - 2018-09-29 23:19 - 007592144 _____ (Malwarebytes) C:\Users\Milan\Downloads\adwcleaner_7.2.4.0.exe
2018-09-29 22:58 - 2018-09-29 22:58 - 000000724 _____ C:\Users\Milan\Desktop\sazkovky.txt
2018-09-29 22:53 - 2018-09-29 22:53 - 000000099 _____ C:\Windows\Reimage.ini
2018-09-29 22:52 - 2018-09-29 22:52 - 000605424 _____ (Reimage) C:\Users\Milan\Downloads\ReimageRepair.exe
2018-09-29 20:39 - 2018-09-29 20:39 - 000052575 _____ C:\Users\Milan\Downloads\Breaking.Bad.S01E01.720p.HDTV.x264-BiA.srt
2018-09-29 10:43 - 2018-09-29 10:47 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Apple Computer
2018-09-29 10:43 - 2018-09-29 10:43 - 000000000 ____D C:\Users\Milan\AppData\Local\Apple Computer
2018-09-29 10:32 - 2018-09-29 10:32 - 000001707 _____ C:\Users\Public\Desktop\iTunes.lnk
2018-09-29 10:32 - 2018-09-29 10:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-09-29 10:31 - 2018-09-29 10:31 - 000000000 ____D C:\Program Files\iPod
2018-09-29 10:30 - 2018-09-29 10:32 - 000000000 ____D C:\Program Files\iTunes
2018-09-29 10:30 - 2018-09-29 10:30 - 000000000 ____D C:\ProgramData\Apple Computer
2018-09-29 10:26 - 2018-09-29 10:26 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2018-09-29 10:26 - 2018-09-29 10:26 - 000000000 ____D C:\Users\Milan\AppData\Local\Apple
2018-09-29 10:26 - 2018-09-29 10:26 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2018-09-29 10:25 - 2018-09-29 10:25 - 000000000 ____D C:\Program Files\Bonjour
2018-09-29 10:25 - 2018-09-29 10:25 - 000000000 ____D C:\Program Files (x86)\Bonjour
2018-09-29 10:24 - 2018-09-29 10:26 - 000000000 ____D C:\ProgramData\Apple
2018-09-29 10:24 - 2018-09-29 10:26 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-09-29 10:15 - 2018-09-29 10:18 - 269990216 _____ (Apple Inc.) C:\Users\Milan\Downloads\iTunes64Setup.exe
2018-09-22 15:52 - 2018-09-22 19:04 - 3344690919 _____ C:\Users\Milan\Downloads\Breaking-Bad-1-01-Pilot-HD-1080p.mkv
2018-09-22 08:53 - 2018-09-22 08:53 - 000070774 _____ C:\Users\Milan\Downloads\i-Profit Tracker-Fixed.ex4
2018-09-22 08:53 - 2018-09-22 08:53 - 000020688 _____ C:\Users\Milan\Downloads\USD - 30 Pips = 5%.csv
2018-09-16 09:09 - 2018-09-16 09:09 - 000379608 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-09-08 08:10 - 2018-09-08 08:50 - 729605136 _____ C:\Users\Milan\Downloads\Maly Nicky - Satan Junior CZ.avi
2018-09-02 18:48 - 2018-09-02 18:49 - 030275077 _____ C:\Users\Milan\Downloads\Návod - Apple iPhone 4S 32GB.pdf
2018-09-02 15:17 - 2018-09-05 17:37 - 000000351 _____ C:\Users\Milan\Desktop\market.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-30 07:05 - 2009-07-14 06:45 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-30 07:05 - 2009-07-14 06:45 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-30 06:59 - 2018-02-10 16:04 - 000000000 ____D C:\Users\Milan\AppData\Local\AVAST Software
2018-09-30 06:57 - 2012-07-23 16:46 - 000001820 _____ C:\Users\Milan\Desktop\SmartControl.lnk
2018-09-30 06:57 - 2011-07-09 19:59 - 000000000 ____D C:\Users\Milan
2018-09-30 06:48 - 2018-08-05 18:37 - 000000000 ____D C:\Program Files (x86)\McAfee
2018-09-30 06:48 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-30 06:47 - 2011-04-14 14:55 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-29 23:11 - 2016-02-04 17:53 - 000000634 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3170063520-3094865265-1537349500-1001.job
2018-09-29 22:58 - 2017-07-06 20:21 - 000000000 ____D C:\Users\Milan\AppData\LocalLow\Mozilla
2018-09-29 22:43 - 2016-02-04 17:53 - 000000538 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3170063520-3094865265-1537349500-1001.job
2018-09-29 22:25 - 2017-09-11 09:28 - 000000000 ____D C:\Users\Milan\AppData\Roaming\vlc
2018-09-29 19:53 - 2017-06-17 18:41 - 000004540 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-09-29 19:53 - 2016-02-04 17:53 - 000003660 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-3170063520-3094865265-1537349500-1001
2018-09-29 19:53 - 2016-02-04 17:53 - 000003564 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3170063520-3094865265-1537349500-1001
2018-09-29 19:53 - 2015-12-03 16:34 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-09-29 19:53 - 2015-05-04 11:14 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-09-29 19:53 - 2014-07-27 16:41 - 000003200 _____ C:\Windows\System32\Tasks\{EC091822-D9C5-4AF5-94B9-D049CB2408CE}
2018-09-29 19:53 - 2013-12-12 22:43 - 000002910 _____ C:\Windows\System32\Tasks\{1CE4565A-20CF-4C55-B93D-81AE2DAAA04E}
2018-09-29 19:53 - 2013-03-03 20:02 - 000003320 _____ C:\Windows\System32\Tasks\{D0BC3A15-8E03-4A7D-A883-CF853634CBFE}
2018-09-29 19:53 - 2012-09-04 18:46 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-09-29 19:53 - 2012-09-04 18:46 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-09-29 19:53 - 2012-04-20 20:45 - 000003300 _____ C:\Windows\System32\Tasks\{CE598132-5844-435A-955A-93BC7ED8377A}
2018-09-29 19:53 - 2011-07-23 09:09 - 000003184 _____ C:\Windows\System32\Tasks\{A5BEF975-0838-47B8-8ED9-D00EE6EA8C9E}
2018-09-29 19:53 - 2011-07-22 16:15 - 000003168 _____ C:\Windows\System32\Tasks\{8AB35C8D-D73E-45E3-BFE9-8D1819C31BB9}
2018-09-29 15:43 - 2017-07-08 12:38 - 000000000 ____D C:\Users\Milan\AppData\Local\GoToMeeting
2018-09-29 10:26 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-09-21 16:52 - 2015-10-15 18:23 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-09-19 16:42 - 2018-06-21 16:20 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-09-19 16:42 - 2018-06-21 16:20 - 000002386 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-09-17 20:51 - 2014-07-08 17:00 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-09-17 20:51 - 2013-03-19 07:53 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-16 09:10 - 2017-03-12 18:23 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-09-16 09:10 - 2013-12-26 10:56 - 000215920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-09-16 09:10 - 2013-03-18 18:55 - 000087904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-09-16 09:10 - 2011-07-09 20:07 - 000467320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-09-16 09:10 - 2011-07-09 20:07 - 000163392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-09-16 09:09 - 2018-02-10 15:43 - 000662056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2018-09-16 09:09 - 2018-02-10 15:10 - 000199712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-09-16 09:09 - 2017-03-12 18:23 - 000346664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-09-16 09:09 - 2017-03-12 18:23 - 000229384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-09-16 09:09 - 2017-03-12 18:23 - 000201320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-09-16 09:09 - 2017-03-12 18:23 - 000059568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-09-16 09:09 - 2014-04-24 18:39 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-09-16 09:09 - 2013-03-18 18:55 - 000381560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-09-16 09:09 - 2012-06-16 11:33 - 000111864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-09-16 09:09 - 2011-07-09 20:07 - 001027720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-09-12 20:11 - 2015-12-12 21:06 - 000000000 ____D C:\Users\Milan\Desktop\forex

==================== Files in the root of some directories =======

2015-12-24 16:20 - 2015-12-24 16:20 - 000000624 _____ () C:\Users\Milan\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-06-25 19:00 - 2014-06-25 19:00 - 000000192 _____ () C:\Users\Milan\AppData\Roaming\Safer-Networking.log
2011-08-21 17:55 - 2017-09-07 07:23 - 000009216 _____ () C:\Users\Milan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-09-10 20:21 - 2016-09-10 20:21 - 000004096 ____H () C:\Users\Milan\AppData\Local\keyfile3.drm
2011-07-27 12:08 - 2018-05-05 22:10 - 000007635 _____ () C:\Users\Milan\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2013-08-05 08:15 - 2013-08-05 08:15 - 004292136 _____ (www.Bandisoft.com) C:\Users\Milan\AppData\Local\Temp\bdfilters.dll
2018-02-17 11:02 - 2018-02-17 10:38 - 000017920 _____ () C:\Users\Milan\AppData\Local\Temp\cmunst_.exe
2017-01-05 16:37 - 2017-01-05 16:37 - 000032768 _____ () C:\Users\Milan\AppData\Local\Temp\f1hfacze.dll
2017-08-22 19:35 - 2017-08-22 19:35 - 000035680 _____ () C:\Users\Milan\AppData\Local\Temp\i4jdel0.exe
2016-08-07 18:52 - 2016-08-07 18:53 - 037251016 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.1.1.5.exe
2016-09-02 19:22 - 2016-09-02 19:24 - 037232728 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.1.2.2.exe
2017-09-05 13:49 - 2017-09-05 13:51 - 039473240 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.1.4.exe
2017-09-12 17:16 - 2017-09-12 17:17 - 039543848 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.2.1.exe
2018-05-19 06:43 - 2018-05-19 06:44 - 036708968 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.2.10.exe
2018-06-22 17:51 - 2018-06-22 17:51 - 037295728 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.2.12.exe
2018-07-15 14:58 - 2018-07-15 14:58 - 038170824 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.2.13.exe
2018-08-11 19:41 - 2018-08-11 19:42 - 038163512 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.2.14.exe
2018-09-11 20:54 - 2018-09-11 20:54 - 038160144 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.2.15.exe
2017-09-19 16:02 - 2017-09-19 16:03 - 039539840 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.2.2.exe
2017-10-19 09:49 - 2017-10-19 09:51 - 039540656 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.2.3.exe
2017-11-25 21:15 - 2017-11-25 21:16 - 039544976 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.2.5.exe
2018-01-10 18:49 - 2018-01-10 18:50 - 039570392 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.2.6.exe
2018-02-25 13:36 - 2018-02-25 13:36 - 039681752 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.2.7.exe
2018-03-31 10:07 - 2018-03-31 10:07 - 039685432 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.2.8.exe
2017-04-01 06:25 - 2017-04-01 06:25 - 000032768 _____ () C:\Users\Milan\AppData\Local\Temp\pzpj0pye.dll
2015-12-24 15:31 - 2018-02-17 10:40 - 000192512 _____ () C:\Users\Milan\AppData\Local\Temp\sfamcc00001.dll
2015-12-24 16:41 - 2016-10-27 20:04 - 000192512 _____ () C:\Users\Milan\AppData\Local\Temp\sfamcc00002.dll
2012-12-16 11:55 - 2012-12-16 11:55 - 000055296 _____ () C:\Users\Milan\AppData\Local\Temp\sfextra.dll
2017-10-26 10:07 - 2017-10-26 10:07 - 000488960 _____ () C:\Users\Milan\AppData\Local\Temp\sqlite3.exe
2016-12-08 20:21 - 2016-12-08 20:21 - 013983608 _____ (Google Inc.) C:\Users\Milan\AppData\Local\Temp\{79D22EED-6F3D-4AA2-9FD9-D38087B7BB7C}-55.0.2883.87_54.0.2840.99_chrome_updater.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-25 16:26

==================== End of FRST.txt ============================

Re: kontrola logu- zpomalený pc, vnucený yahoo vyhledávač

Napsal: 30 zář 2018 06:31
od wegel
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28.09.2018
Ran by Milan (30-09-2018 07:09:47)
Running from C:\Users\Milan\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-07-09 17:59:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3170063520-3094865265-1537349500-500 - Administrator - Disabled)
Guest (S-1-5-21-3170063520-3094865265-1537349500-501 - Limited - Enabled)
Milan (S-1-5-21-3170063520-3094865265-1537349500-1001 - Administrator - Enabled) => C:\Users\Milan
UpdatusUser (S-1-5-21-3170063520-3094865265-1537349500-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 18.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1801-000001000000}) (Version: 18.01.00.0 - Igor Pavlov)
Adblock Plus pro IE (32-bit a 64-bit) (HKLM\...\{79A37DB3-D7F9-4492-8774-2BD8EB316981}) (Version: 1.6 - Eyeo GmbH)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20063 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Aktualizace NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Apple Mobile Device Support (HKLM\...\{77F8C879-88CD-4145-945A-541C35285285}) (Version: 12.0.0.1039 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Application Verifier (x64) (HKLM\...\{89026002-A893-42D9-9E20-6829B844735E}) (Version: 4.1.1078 - Microsoft Corporation)
Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.6.1.0168 - DT Soft Ltd)
Avast Premier (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 69.0.792.81 - AVAST Software)
Balíček ovladače systému Windows - Nokia Modem (02/15/2007 3.1) (HKLM\...\B726756F5B5A5AA9D798B399386FC6205A45F19E) (Version: 02/15/2007 3.1 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
ClassicPro© v1.15 (HKLM-x32\...\ClassicPro) (Version: 1.15 - Skin Consortium)
ControlCenter (HKLM-x32\...\ControlCenter_is1) (Version: - MSI CO.,LTD.)
CPUID CPU-Z 1.58 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Debugging Tools for Windows (x64) (HKLM\...\{DBFC6AAE-DCCB-4C23-B01C-3EDDDC03298B}) (Version: 6.12.2.633 - Microsoft Corporation)
Dropbox (HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
footbe (HKLM-x32\...\footbe_is1) (Version: 2.2.3 beta build 1260 - )
FormatFactory 4.1.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.1.0.0 - Free Time)
Free Alarm Clock (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 4.0.1.0 - Comfort Software Group)
Free Screen Recorder 6.1.0 (HKLM-x32\...\{2039a3a0-a6fd-44d6-9568-0b8cc92945c2}_is1) (Version: 6.1.0 - ThunderSoft Studio)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 8.35.0.10697 (HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\GoToMeeting) (Version: 8.35.0.10697 - LogMeIn, Inc.)
GrPing 1.3 (HKLM-x32\...\GrPing) (Version: - )
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music)
HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - )
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
hppLaserJetService (HKLM-x32\...\{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}) (Version: 001.003.000145 - Hewlett-Packard) Hidden
hppM1130M1210SeriesLaserJetService (HKLM-x32\...\{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}) (Version: 001.003.00073 - Hewlett-Packard) Hidden
hppusgM1130M1210Series (HKLM-x32\...\{DA6CC3A5-1F5B-4068-8BFF-C597BB6B8158}) (Version: 1.0.0.2 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
HWiNFO64 Version 5.10 (HKLM\...\HWiNFO64_is1) (Version: 5.10 - Martin Malík - REALiX)
ICQ 8.3 (verze 7317) (HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\ICQ) (Version: 8.3.7317.0 - ICQ)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
IrfanView 4.50 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.50 - Irfan Skiljan)
iTunes (HKLM\...\{9F1EE6A3-7BDE-48CC-BC81-1EA3D21D94E3}) (Version: 12.9.0.167 - Apple Inc.)
LG CyberLink LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3109 - CyberLink Corp.) Hidden
LG CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3109 - CyberLink Corp.)
LG CyberLink Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.4009 - CyberLink Corp.) Hidden
LG CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.4009 - CyberLink Corp.)
LG CyberLink PowerBackup (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.5529 - CyberLink Corp.)
LG CyberLink YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3304a - CyberLink Corp.) Hidden
LG CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3304a - CyberLink Corp.)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.25.20150529 - LG Electronics)
LG Power Tools (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3316 - CyberLink Corp.) Hidden
LG Power Tools (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3316 - CyberLink Corp.)
LG United Mobile Drivers (HKLM-x32\...\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}) (Version: 3.14.1 - LG Electronics)
Malwarebytes Anti-Malware verze 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.7.213 - McAfee, Inc.)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Czech/èeština (HKLM-x32\...\OMUI.cs-cz) (Version: 12.0.4518.1025 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Windows Performance Toolkit (HKLM\...\{E7F9E526-2324-437B-A609-E8C5309465CB}) (Version: 4.8.0 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.1) (HKLM\...\SDKSetup_7.1.7600.0.30514) (Version: 7.1.7600.0.30514 - Microsoft Corporation)
Mp3tag v2.49 (HKLM-x32\...\Mp3tag) (Version: v2.49 - Florian Heidenreich)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nero 7 Premium (HKLM-x32\...\{847CAE64-4CD2-4B2D-AF00-978FF5431029}) (Version: 7.02.9755 - Nero AG)
Nokia Connectivity Cable Driver (HKLM-x32\...\{2D99A593-C841-43A7-B7C9-D6F3AE70B756}) (Version: 7.1.45.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{D0D14551-3A2D-433B-861F-F4DCE5422759}) (Version: 7.1.62.1 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.62.1 - Nokia)
Nokia Software Updater (HKLM-x32\...\{889D48DA-457F-4C8B-9095-6458F2793B12}) (Version: 3.0.605 - Nokia Corporation)
NVIDIA Ovladač 3D Vision 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.2.23.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.23.3 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 275.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 275.33 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.2 (HKLM-x32\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Ovládací panel NVIDIA 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 306.97 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{C373F7C4-05D2-4047-96D1-6AF30661C6AA}) (Version: 11.4.19.0 - Nokia)
Pivot Pro Plugin (HKLM-x32\...\{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}) (Version: 9.50.110 - Portrait Displays, Inc.) Hidden
Planescape: Torment Enhanced Edition (HKLM-x32\...\1132393016_is1) (Version: 3.1.3.0 - GOG.com)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6363 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
SDK (HKLM-x32\...\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}) (Version: 2.22.002 - Portrait Displays, Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
SmartControl (HKLM-x32\...\{F4EF231A-7218-41B1-AB84-F5B48B74C50A}) (Version: 2.02.005 - Portrait Displays, Inc.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spell it out Loud (HKLM-x32\...\Spell it out Loud) (Version: 1.1.0.0 - Vitware.cz)
Telegram Desktop version 1.1.23 (HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.1.23 - Telegram Messenger LLP)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.50 - C. Ghisler & Co.)
TSR Watermark Image software version 3.4.2.9 (HKLM-x32\...\TSR Watermark Image_is1) (Version: 3.4.2.9 - TSR Software)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Milan\AppData\Local\GoToMeeting\8953\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-16] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-16] (AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-16] (AVAST Software)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-06-28] (Nero AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-16] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll [2013-04-04] (Malwarebytes Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2012-10-02] (NVIDIA Corporation)
ContextMenuHandlers5: [PortraitDisplaysContextMenu] -> {8602BDD8-9780-4717-B89A-7F89AF75B2AB} => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\shellmenu64.dll [2010-05-13] (Portrait Displays, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-16] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll [2013-04-04] (Malwarebytes Corporation)
ContextMenuHandlers1_S-1-5-21-3170063520-3094865265-1537349500-1001: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-3170063520-3094865265-1537349500-1001: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-3170063520-3094865265-1537349500-1001: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E05774D-94FE-4219-97C3-FB198915D4C2} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {0E05774D-94FE-4219-97C3-FB198915D4C2} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-02-17] (Microsoft Corporation)
Task: {11EF4C0C-0B9E-47BF-B7DE-5BF6B6E7A90F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {11EF4C0C-0B9E-47BF-B7DE-5BF6B6E7A90F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-02-17] (Microsoft Corporation)
Task: {19B712BB-8863-4283-9F6E-29D4457CD459} - System32\Tasks\G2MUploadTask-S-1-5-21-3170063520-3094865265-1537349500-1001 => C:\Users\Milan\AppData\Local\GoToMeeting\10697\g2mupload.exe [2018-09-29] (LogMeIn, Inc.)
Task: {1E7BBDEE-59D4-463A-BD13-B74DC58EBF95} - System32\Tasks\{1CE4565A-20CF-4C55-B93D-81AE2DAAA04E} => C:\prace\Znk5\ZNK5.exe
Task: {2899CB4B-FC6D-49AE-B71A-8B4B3F739FA0} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_pepper.exe [2018-05-06] (Adobe Systems Incorporated)
Task: {42EF9081-8F7C-49A9-AD0E-86244BD58E6A} - System32\Tasks\{CE598132-5844-435A-955A-93BC7ED8377A} => C:\Windows\system32\pcalua.exe -a C:\Users\Milan\Downloads\Czech_language_pack_553.exe -d "C:\Program Files (x86)\Winamp\lang" -c -el -s2 "-dC:\Program Files (x86)\Winamp\lang" "-p" "-sp"
Task: {4362735C-0B5C-4DB3-9C74-3BE7A0B42666} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {533D5BC3-0F84-4BF3-A39D-72136226AB98} - System32\Tasks\{8AB35C8D-D73E-45E3-BFE9-8D1819C31BB9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\ViewPower\ViewPower.exe" -d "C:\Program Files (x86)\ViewPower\"
Task: {59B0AC36-AA68-4E5B-8D02-D94DF3BE086F} - System32\Tasks\G2MUpdateTask-S-1-5-21-3170063520-3094865265-1537349500-1001 => C:\Users\Milan\AppData\Local\GoToMeeting\10697\g2mupdate.exe [2018-09-29] (LogMeIn, Inc.)
Task: {5EE01AFD-550D-4D15-902C-DC62EB3CC811} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {7820D220-1709-410F-BBF2-C831F3994718} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-09-16] (AVAST Software)
Task: {7901A6C5-5819-4EC6-8A54-FF2B7D960E4A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {7901A6C5-5819-4EC6-8A54-FF2B7D960E4A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {7901A6C5-5819-4EC6-8A54-FF2B7D960E4A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [2016-02-17] (Microsoft Corporation)
Task: {8B7BC55A-5CD8-4030-AC0F-8F067E1BA851} - System32\Tasks\{EC091822-D9C5-4AF5-94B9-D049CB2408CE} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\ViewPower2.11 SP1\ViewPower.exe" -d "C:\Program Files (x86)\ViewPower2.11 SP1\"
Task: {A0007079-1E4C-4530-8D93-F97BFC8BCADF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {B024A2C2-039D-418C-B000-14DD94212ED7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {B2446AE2-38C6-4F22-8968-B4EDE28BA40B} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-21] (AVAST Software)
Task: {CC5E3167-1264-4617-A341-F24B3370447E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {CC5E3167-1264-4617-A341-F24B3370447E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-02-17] (Microsoft Corporation)
Task: {D5A8011A-FB26-4546-A53F-D1570FF8316E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-09-15] (AVAST Software)
Task: {D698F94C-20A9-47A9-80E7-1A4EEF641B86} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-21] (AVAST Software)
Task: {F41C7850-1125-4CA2-BA7A-C327433FED40} - System32\Tasks\{A5BEF975-0838-47B8-8ED9-D00EE6EA8C9E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\ViewPower2.08\ViewPower.exe" -d "C:\Program Files (x86)\ViewPower2.08\"
Task: {FDA48D5C-7B3D-4E74-9AEE-C930DE48088C} - System32\Tasks\{D0BC3A15-8E03-4A7D-A883-CF853634CBFE} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\ApplicationInstaller.exe" -d C:\Users\Milan\AppData\Local\Temp -c "C:\Users\Milan\AppData\Local\Temp\nfsshifthd.sis" <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3170063520-3094865265-1537349500-1001.job => C:\Users\Milan\AppData\Local\GoToMeeting\10697\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3170063520-3094865265-1537349500-1001.job => C:\Users\Milan\AppData\Local\GoToMeeting\10697\g2mupload.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com

==================== Loaded Modules (Whitelisted) ==============

2012-12-14 22:01 - 2012-10-02 21:51 - 000086888 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-07-23 21:04 - 2010-03-31 11:51 - 000407040 _____ () C:\Windows\System32\HPM1210LM.DLL
2012-07-23 20:43 - 2010-03-31 11:51 - 000074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2018-08-22 22:18 - 2018-08-22 22:18 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-08-22 22:18 - 2018-08-22 22:18 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-07-23 16:42 - 2010-05-17 12:03 - 000121456 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
2018-09-16 09:09 - 2018-09-16 09:09 - 000703192 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2012-07-23 16:43 - 2010-05-17 12:03 - 000081008 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook64.dll
2012-07-23 16:42 - 2010-05-17 12:03 - 000259184 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dthook.dll
2018-08-28 10:46 - 2018-08-28 10:46 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-08-28 10:46 - 2018-08-28 10:46 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-09-17 20:51 - 2018-09-15 10:26 - 002677592 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\swiftshader\libglesv2.dll
2018-09-17 20:51 - 2018-09-15 10:26 - 000148824 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\swiftshader\libegl.dll
2012-07-23 16:42 - 2010-05-13 16:34 - 000674928 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpctrl.exe
2012-07-23 16:42 - 2010-05-13 16:34 - 000711792 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\floater.exe
2012-07-23 16:43 - 2010-05-17 12:03 - 000129648 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
2012-07-23 16:43 - 2010-05-17 12:03 - 000135792 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe
2018-09-16 09:09 - 2018-09-16 09:09 - 000575704 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-09-29 19:58 - 2018-09-29 19:58 - 005702288 _____ () C:\Program Files\AVAST Software\Avast\defs\18092904\algo.dll
2018-09-16 09:09 - 2018-09-16 09:09 - 000896216 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-09-16 09:09 - 2018-09-16 09:09 - 000541400 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-09-16 09:09 - 2018-09-16 09:09 - 000151768 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-09-16 09:09 - 2018-09-16 09:09 - 000986840 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2012-07-23 16:43 - 2010-05-17 12:03 - 000076400 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook.dll
2018-09-16 09:09 - 2018-09-16 09:09 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2011-04-07 16:43 - 2011-04-07 16:43 - 002296320 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll
2011-04-07 16:43 - 2011-04-07 16:43 - 008191488 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll
2011-02-22 17:07 - 2011-02-22 17:07 - 000339968 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll
2011-02-22 20:12 - 2011-02-22 20:12 - 000196608 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
2011-02-22 20:13 - 2011-02-22 20:13 - 000022016 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
2011-02-22 17:39 - 2011-02-22 17:39 - 000276480 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll
2009-12-15 13:46 - 2009-12-15 13:46 - 000619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-12-15 13:49 - 2009-12-15 13:49 - 000013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2009-10-15 18:44 - 2009-10-15 18:44 - 000067128 _____ () C:\Program Files (x86)\HP\HP UT LEDM\bin\HPTools.dll
2009-10-15 18:44 - 2009-10-15 18:44 - 000075320 _____ () C:\Program Files (x86)\HP\HP UT LEDM\bin\HPToolkit.dll
2012-07-23 16:42 - 2010-05-17 11:49 - 000172032 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll
2012-07-23 16:42 - 2010-05-17 12:03 - 000084592 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\CC\gui.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\com -> hxxp://www.msi.com
IE trusted site: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\com.tw -> hxxp://asia.msi.com.tw
IE trusted site: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\mbamupdates.com -> data-cdn.mbamupdates.com
IE trusted site: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\microsoft.com -> hxxp://windows.microsoft.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-05-01 18:57 - 000000838 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: c2cautoupdatesvc => 2
MSCONFIG\Services: c2cpnrsvc => 2
MSCONFIG\Services: NBService => 3
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: PDF Architect 2 => 3
MSCONFIG\Services: PDF Architect 2 Creator => 2
MSCONFIG\Services: pdfforge CrashHandler => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Milan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Milan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk => C:\Windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: ICQ => C:\Users\Milan\AppData\Roaming\ICQM\icq.exe -CU
MSCONFIG\startupreg: NSU_agent => "C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F4DFC725-E31C-4168-836D-33EFBE516FA9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{ED5B9A4C-E28F-4CD3-B34E-1A888A5A8B79}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{1AD14CA1-4619-4D2B-A1B4-4CDC2675BB3D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{F6F88DBB-2FB7-4AEC-920F-594C96413086}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{9571788A-3056-48E3-A165-E9FE66A2B14D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{39CC189A-EF5D-45B0-9CC0-527E1F5A5D36}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{16B3836B-4003-400E-9EE9-4CB26A16FD8A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{FF06E3BB-3E1D-420D-94A8-B742E4342A6B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{BB580BBE-5F3C-4514-A6F1-869BD03DBE51}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{D825F7FA-996C-41C2-BF7C-50BEEF57DB33}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{2BE4C7A8-D9FE-4E9F-98A8-2BCC4F841687}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{0DC4513C-5F1E-4D7D-A1E6-98E3540DD366}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{BBCD1D1D-2304-47F1-BE57-778636C9D501}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{F41A4770-22AF-473E-9CE2-3FEB66E232A6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{4EE7F536-96A1-402F-B0B6-7A8EA8FF952D}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{E4C5C6F2-B5E2-47EA-A475-FEBA59A69B93}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{BDF1900A-36F2-4AFD-BA4B-A64B15BB32FB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{93E54C9A-A1FC-4754-8A2D-819B5FB5BCFD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{0D7F1F3C-25FD-4BF6-8EB3-BECE09C9AE76}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{2AE80C4C-874E-471A-B3D0-3EFA29D6646D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{1A1049D8-EEEF-4908-AABD-1A5B8ADE7A35}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{D1C7D289-45C0-48E1-BEE6-0A08D644B5F6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{FBA8F2C9-C70D-494A-98E0-28A6AF54C915}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{963C226E-583E-453A-844A-E20EA1F8127D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{D41C0DA2-C537-435D-9DEB-90E0DC137F6C}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{852D6F38-6971-46F8-8CCD-23D58AE59D9E}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{DAB0BA95-7031-4F9B-9D2D-0361D694BD71}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS2F48\hppiw.exe
FirewallRules: [{6F8C21CF-3CF9-4749-9CF7-4D5CCCA3A452}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS2F48\hppiw.exe
FirewallRules: [{4A462D8C-43C6-43F4-9A78-83AD54CC5D10}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS301F\HPDiagnosticCoreUI.exe
FirewallRules: [{577DB09D-3C02-40EF-8312-188A7CE6C2CC}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS301F\HPDiagnosticCoreUI.exe
FirewallRules: [{A0EE9FD5-4B5C-4254-AB6D-50FACC826538}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS308E\hppiw.exe
FirewallRules: [{96DC9ED4-992E-4E4E-96DA-1B84E1CA43C1}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS308E\hppiw.exe
FirewallRules: [{4400AE80-315E-4CEE-873D-C83964CA6B56}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS30A9\HPDiagnosticCoreUI.exe
FirewallRules: [{B1B5FEF1-9E8D-471C-A951-3B36E9E01DD9}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS30A9\HPDiagnosticCoreUI.exe
FirewallRules: [{00913DEC-CE93-41EB-84EA-E13BD6A41157}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS310B\HPDiagnosticCoreUI.exe
FirewallRules: [{5268ED33-371E-47B6-8281-C652F7E9B90E}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS310B\HPDiagnosticCoreUI.exe
FirewallRules: [{1CFFE1E8-E591-421F-9745-A0EA83879031}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS3635\HPDiagnosticCoreUI.exe
FirewallRules: [{BEFDE373-6012-408F-B914-AACA249D9780}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS3635\HPDiagnosticCoreUI.exe
FirewallRules: [{97D6BFBF-E65D-42FD-BF85-A2EBEF365252}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS3663\HPDiagnosticCoreUI.exe
FirewallRules: [{758DFEDF-58C1-4015-A155-E0D6DD1AC3C7}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS3663\HPDiagnosticCoreUI.exe
FirewallRules: [{2A5A1763-295E-4FF6-B357-E1374CA81C4C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{CC897E1D-A774-4153-8850-CF50174AF5B3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{EEE70A9A-4FED-4D10-8A96-607C896AED99}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{2F629E28-84C0-44E0-962B-723E30411043}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{6E4A56A3-AD25-4BD5-A96C-E04012690B15}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{99254964-A249-4C4D-8208-752CCCF0C168}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{96C08A91-5CB2-425D-936F-0703B33BA289}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{D90A12F4-F564-4240-8006-A90624A1E1B7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{67E01D0A-D2DF-4882-BC3E-3BFD04ED1B35}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{D216AE3E-66DB-4934-BB3F-4CA5734085A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{55DF9529-58BF-4A5D-A8D9-F766E68A749C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{A2AB089B-213B-4D76-8D44-902FB18A73CB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{FE0DE2A7-BCE3-44CB-9505-DFE0D0EC872A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{1E84C11F-FBC8-423D-899B-DE8575A53FCB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{91510A18-B674-459A-BCB4-346C45A88B48}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{20C5AEA4-3B56-48DD-A564-E36E7C0CE9A6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{C0EC70B5-EA73-4CBE-9C65-0ABFC4014437}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{92387A6B-0BD5-4126-AF6D-2A41577FDF13}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{696E2466-EE8D-4994-838C-243DDCECE46A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{FF5175A6-C025-4E8F-9CE2-D3AB2C5B12B1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{1600CF2C-A84E-4D85-90A7-B8E99EB366B3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{E043A0A2-1603-4C7E-95AA-345C21A92D56}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{8BEED1F6-9D78-4639-95E7-BAD3081045A9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{08912FFD-0574-4F8F-921F-9C0570A93600}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{A358909F-B856-4370-A8D4-3AC0A7437586}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{93BA454E-B542-4DAC-A201-436709AD5660}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{7B548382-CF6D-4911-945C-5C0B7303A8F2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{387798B4-4625-42D2-9F68-758FBBF0DC0C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{C7708E1B-1B17-43F3-A80A-EE0AEC48A61D}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{CC31E042-7867-4229-876E-FD0E3F2C0440}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{4C9A836C-C167-47CE-9DC0-30EE7644AE4E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{4EE70533-0ABF-4767-B9F5-FBC90E3AE1DB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{1892D1B0-B0F7-40DD-B7B2-0495A6D17ADD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{C86DD22D-DF21-422A-AAA7-EB0FEB9CBAAC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{E1814D8D-8F38-4CA0-925B-001A23B1E480}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{F1AB332A-0CB8-4867-9C91-773E6D3FEE73}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{B619A6E0-AC97-4D0D-AEE5-3CA97857B64A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{E09CF667-15DA-4F1B-8048-5F3000E26DAD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{D60C67DA-A105-40A7-BB2D-E2F9F71E974A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{202859E3-46D4-4760-9236-C81C5915C878}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{3965285E-B7BC-4F42-B1E4-595CFC3AF901}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{697B8AA1-E52F-4580-848E-B2C68C5837AE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{38E00249-E798-4025-9967-FE0F420F4157}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{3A32BD18-13AF-4276-B842-73E37BC54F3C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{241F64E4-2771-49E7-A34E-9DB2476191B7}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{1FBC982C-28EF-4533-A94D-B05C2CEB24BA}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{82E66490-9AF1-4E72-8BB7-2D6ACF42E9B2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{6A060FCA-CEA8-4883-A329-436AEB182DAF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{2E37E249-609C-4244-8F5A-DDCC580A42ED}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{9D820D2D-BA9D-4DAB-BE9A-60CFF6A1D421}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{8ADC73D7-0E4E-4AF7-98E0-7349A379E58B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{E203C103-B3DF-484C-B580-D10F4DF9BB39}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{1F85C197-C20B-4A9C-B220-4D8034E89FAC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{4F9A9C9A-6FE3-41B6-97EC-8973910F4B63}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{6FC505AA-40AA-4B96-BF15-61F0E47B739D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{2FA63C60-B8BA-40F5-8D07-AB2458D7D495}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{98BEE367-242E-45B2-B0B8-87E58D975032}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{BEBB1DBD-2DF0-4C17-B01F-92E0AA4E2F66}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{2C730E1E-0FD6-4D8C-8900-936BF848F519}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{403665D6-31BA-4BE9-9D53-851522A99950}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{C84053AE-DFF5-4547-A12D-8A7EDD5B3D73}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{A7FF8D08-71DB-44E8-86FE-9A722C8D8F12}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{92E3154B-F798-447E-9E67-F68AA1B09783}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{5BBB718E-1CD6-4BE7-8723-4A4EADD06622}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{F76A9B3B-FBA5-4C83-999D-0281D7487AE6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{2644E40A-D9D8-42B5-A03A-F313F9B30ACA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{86FE3E19-7983-437A-B447-7CD042AB4518}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{8AC26812-DD55-49C4-810D-A89F755AA207}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{A121245F-4838-4A3A-940C-3BB444451EE0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{FA699BB9-5D98-436F-8934-2806E05BAB8B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{405D9925-690D-4084-94E3-2566F4C1EB0C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [TCP Query User{A0E33DF2-ADF4-4523-828F-9AB1BA710E20}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{7236A812-1EBB-4082-B31B-1C4A0618D8CB}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{10022B5F-7FE9-487E-94AD-5E7982BA75DD}C:\program files (x86)\viewpower2.11 sp1\jre\bin\javaw.exe] => (Block) C:\program files (x86)\viewpower2.11 sp1\jre\bin\javaw.exe
FirewallRules: [UDP Query User{FD03A4C4-1922-4CAB-9E21-EE7D1F5ECC5B}C:\program files (x86)\viewpower2.11 sp1\jre\bin\javaw.exe] => (Block) C:\program files (x86)\viewpower2.11 sp1\jre\bin\javaw.exe
FirewallRules: [TCP Query User{12AA36DE-C20E-4C24-A607-D9EF1CDB5FBD}C:\program files (x86)\viewpower\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\viewpower\jre\bin\javaw.exe
FirewallRules: [UDP Query User{0823C9C3-E9D7-411B-90F9-82103F05F7D3}C:\program files (x86)\viewpower\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\viewpower\jre\bin\javaw.exe
FirewallRules: [TCP Query User{856DE9C8-2A12-48FF-89B7-9C9B1171D1C9}C:\program files (x86)\viewpower\jre\bin\javaw.exe] => (Block) C:\program files (x86)\viewpower\jre\bin\javaw.exe
FirewallRules: [UDP Query User{19C7D6DD-9334-4792-9726-8D269FB66BEE}C:\program files (x86)\viewpower\jre\bin\javaw.exe] => (Block) C:\program files (x86)\viewpower\jre\bin\javaw.exe
FirewallRules: [TCP Query User{4DB5473D-1867-4697-A6B9-8253C745FC6B}C:\users\milan\appdata\local\temp\teamviewer\teamviewer.exe] => (Block) C:\users\milan\appdata\local\temp\teamviewer\teamviewer.exe
FirewallRules: [UDP Query User{25CC39AF-094E-4126-AA3C-0AD7869CF9F0}C:\users\milan\appdata\local\temp\teamviewer\teamviewer.exe] => (Block) C:\users\milan\appdata\local\temp\teamviewer\teamviewer.exe
FirewallRules: [{95FFBC3B-3B8A-41DE-9E0B-91185A49BCA4}] => (Allow) C:\Users\Milan\AppData\Local\Temp\nsz61A3.tmp\Installer-76158571.exe
FirewallRules: [{FF8B8ACB-837A-4A75-8635-8A3DA1C2A2AF}] => (Allow) C:\Users\Milan\AppData\Local\Temp\nsnE515.tmp\Installer-76158571.exe
FirewallRules: [{14A83799-F0C8-4EEE-96DB-937DF2A8E6A2}] => (Allow) C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe
FirewallRules: [{E855C35C-0557-4ABC-A942-77B50DCD34A9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{03A2C5DB-D529-49F5-BB16-C059FFEEA6C3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{9843B17F-F105-45ED-8143-CCA4F7C7AB71}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{CA51910A-393C-438F-AA93-7DCCB15DD090}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{B816D1BB-5F70-43E2-9B8B-469905D5534B}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{500DF664-CD4D-4918-BDF7-8A269EE262AE}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{ABB78AB9-FAF8-409D-A4DF-7739CEAA7901}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{DE75D78E-877B-44F8-B19F-589D6072A8A6}] => (Allow) C:\Program Files (x86)\The KMPlayer\KMPlayer.exe
FirewallRules: [{61ED933F-FEBF-48C9-9102-006A864DDFC8}] => (Allow) C:\Program Files (x86)\The KMPlayer\KMPlayer.exe
FirewallRules: [{CF22BB86-BBEA-4DB5-87C7-9C0ED63D591F}] => (Allow) C:\Program Files (x86)\The KMPlayer\KMPlayer.exe
FirewallRules: [{9DA8AB52-FF15-48DC-B8BF-966D1A2FF58C}] => (Allow) C:\Program Files (x86)\The KMPlayer\KMPlayer.exe
FirewallRules: [TCP Query User{F70195F0-2156-431D-B952-D555A5A6F155}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{B64A206D-0DEE-478F-ACB7-D38483E35F5A}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{10C29863-45DE-437B-AA44-917A2261AA02}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{369DC93E-E3A7-46E7-9186-B190650A9491}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{08ACAC48-9DFF-4983-9C6D-3BDA866A3FF8}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{4F1C4265-9CBD-4916-8E90-CA40F16FA0ED}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{47CD66EC-48E5-40E7-A500-518E0A7482C1}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{525171A6-26F0-4B79-A37A-73859132B1CB}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{5A98B933-EE75-4137-810D-B20AD438B98F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{3B4B9A87-2FD1-41E9-9247-136299A18602}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{8D1736C2-0DB7-4B7E-90C3-75E51FB88E74}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7EB464E3-08EA-4848-A464-1C086EE2F2E3}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{1CF098E8-6B9A-496D-BF36-E6547558FA08}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{84FB9942-176C-43F4-80E6-4CED93227637}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{97F499F0-551A-4577-B8B7-2BE222A99D86}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{81F96B58-F63F-4D9B-B613-55B4727C9EF1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0040FF6E-41FA-4BA8-8D87-33088FB97B6D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5CA76BE3-9650-4A2D-AC41-9AAF7025915E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe] => Enabled:Flashget3
StandardProfile\AuthorizedApplications: [C:\Program Files\FlashGet 3\FlashGet3.exe] => Enabled:Flashget3

==================== Restore Points =========================

08-09-2018 10:23:09 Naplánovaný kontrolní bod
18-09-2018 17:17:48 Naplánovaný kontrolní bod
29-09-2018 10:26:54 Installed iTunes

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/30/2018 07:05:16 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Users\Milan\Downloads\esetsmartinstaller_csy.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (09/30/2018 06:59:25 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (09/30/2018 06:48:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/29/2018 11:24:45 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (09/29/2018 10:58:45 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Součást 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (09/29/2018 10:24:33 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (09/29/2018 09:24:42 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (09/29/2018 08:24:37 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.


System errors:
=============
Error: (09/30/2018 06:50:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (09/30/2018 06:50:16 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
Přihlašovací chyba: Platnost hesla pro tuto registraci vypršela.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (09/29/2018 10:47:34 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 70. Stav interní chyby: 105

Error: (09/29/2018 07:54:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (09/29/2018 07:54:57 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
Přihlašovací chyba: Platnost hesla pro tuto registraci vypršela.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (09/28/2018 02:09:34 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/28/2018 06:11:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (09/28/2018 06:11:57 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
Přihlašovací chyba: Platnost hesla pro tuto registraci vypršela.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 55%
Total physical RAM: 4067.35 MB
Available physical RAM: 1820.91 MB
Total Virtual: 8132.88 MB
Available Virtual: 5451.42 MB

==================== Drives ================================

Re: kontrola logu- zpomalený pc, vnucený yahoo vyhledávač

Napsal: 30 zář 2018 06:59
od wegel
A ještě dodatečný dotaz, avast mi našel takové množství "nežádoucích" souborů, je bezpečné to smazat?

Re: kontrola logu- zpomalený pc, vnucený yahoo vyhledávač

Napsal: 30 zář 2018 10:15
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: kontrola logu- zpomalený pc, vnucený yahoo vyhledávač

Napsal: 30 zář 2018 12:11
od wegel
# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-09-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-30-2018
# Duration: 00:00:30
# OS: Windows 7 Home Premium
# Cleaned: 76
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\ICQ\ICQNewTab
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Application Updater

***** [ Files ] *****

Deleted C:\Users\Milan\Downloads\ReimageRepair.exe
Deleted C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKU\S-1-5-18\Software\AppDataLow\Software\AskToolbar
Deleted HKU\.DEFAULT\Software\AppDataLow\Software\AskToolbar
Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Wow6432Node\Conduit
Deleted HKCU\Software\csastats
Deleted HKU\S-1-5-18\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\CToolbar
Deleted HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\CToolbar
Deleted HKU\S-1-5-18\Software\CToolbar
Deleted HKU\.DEFAULT\Software\CToolbar
Deleted HKU\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search
Deleted HKU\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{EBBC143E-44AC-4B9C-BCCE-9A0E42921F2A}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{655847A1-FA36-46ED-923B-A5CD523696EA}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00011268-E188-40DF-A514-835FCD78B1BF}
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Deleted HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Deleted HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{FBA8498F-B3A0-4942-A2BF-E0CB7BC7E000}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{F68DC16C-9C2B-455B-8853-7E4D34BAA3F4}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{F1912128-469A-4138-AA26-9699C15BB13E}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{EB1F9F3C-5526-4DAE-BD4B-3EAA7715DA9F}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{DD260902-9420-4055-A956-9152EB4F3E6A}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{D83C83BF-3EDD-4410-ADAB-5295116DD8C7}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{BFDE183A-C6FE-41D2-80F9-586C29210AC2}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{B0474212-0D9D-4361-90B3-B89D1A44275D}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{A5ACC874-D943-483F-A2D1-14598D51F872}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{991C9D8D-A789-4DB9-BDFC-5F33398B04BF}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{8D5BC51D-C9D3-43B9-B728-B30677B7C7E8}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{803F550E-BAAE-42BB-8917-64BA0006AB17}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{7A6BE473-7960-44D0-BD54-D23DA76353DF}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{762D463B-C45A-456D-A80D-8689C297C91E}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{615FACDF-DADB-440D-AC91-8AAB0AE9E3AD}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{5D3DCC39-9233-4330-94E9-DA92BE49CA1A}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{52C5395B-1FCD-47FA-A834-FD830701C2D5}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{4CA2AC92-971B-47B1-ACB6-357B552155AC}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{3137BC14-D8D7-4B67-8FFA-2E0B2E9D541B}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{2AF343DD-3102-4F9D-AC95-DCA4C95382C7}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{02F878DF-E2BE-4B85-8CB4-A0D2D4E2ED7F}
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Deleted HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
Deleted HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Deleted HKU\S-1-5-18\Software\Microsoft\Internet Explorer\DOMStorage\ask.com
Deleted HKU\.DEFAULT\Software\Microsoft\Internet Explorer\DOMStorage\ask.com
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4980EDEB-7F01-46C0-8CB9-6AEAAC7A6597}
Deleted HKLM\Software\Microsoft\Internet Explorer\AboutUrls|Tabs
Deleted HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Deleted HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{28D505E6-9692-43A9-B056-6E9736AAADF6}
Deleted HKCU\Software\AppDataLow\Software\Mail.Ru
Deleted HKCU\Software\Mail.Ru
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{D1611ACC-4B10-4B34-8CDE-0AE7B2A270A6}
Deleted HKLM\Software\Classes\Interface\{D1611ACC-4B10-4B34-8CDE-0AE7B2A270A6}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{1FCDF527-B10C-481D-B214-B09EEA106124}
Deleted HKLM\Software\Classes\TypeLib\{1FCDF527-B10C-481D-B214-B09EEA106124}

***** [ Chromium (and derivatives) ] *****

Deleted eShield

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [9820 octets] - [30/09/2018 12:57:43]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: kontrola logu- zpomalený pc, vnucený yahoo vyhledávač

Napsal: 30 zář 2018 12:36
od Rudy
Dejte nový log FRST.

Re: kontrola logu- zpomalený pc, vnucený yahoo vyhledávač

Napsal: 30 zář 2018 13:12
od wegel
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28.09.2018
Ran by Milan (administrator) on MILAN-PC (30-09-2018 13:56:53)
Running from C:\Users\Milan\Desktop
Loaded Profiles: Milan (Available Profiles: UpdatusUser & Milan)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\mdm.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Philips Display\SmartControl\dthtml.exe
(Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Floater.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6628968 2011-05-03] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-09-16] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-08-23] (Apple Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] => "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [110192 2010-05-13] ()
HKLM-x32\...\Run: [DT PLP] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [121456 2010-05-17] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1500160 2011-06-16] (Nokia)
HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [3015072 2016-01-19] (Comfort Software Group)
HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\Run: [GoogleChromeAutoLaunch_27F903477283DEE2D82EF65AEF1A178E] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1469784 2018-09-15] (Google Inc.)
HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\MountPoints2: {0fa5cda4-91c3-11e1-8dcc-6c626de9a39d} - J:\autorun.exe
HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\MountPoints2: {6b147fbf-3cda-11e4-9e7c-6c626de9a39d} - E:\LGAutoRun.exe
HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{C040E690-7EAE-4223-BC6B-1B6051944ECC}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.google.com/?company%5B%5D=1700019690
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001 -> {56CCFF7B-25C1-4AA1-9E4B-1A1F40929B97} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=11467
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-09-27] (McAfee, Inc.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2017-01-03] (Eyeo GmbH)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: No Name -> {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} -> No File
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-09-27] (McAfee, Inc.)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2017-01-03] (Eyeo GmbH)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
IE Session Restore: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001 -> is enabled.
DPF: HKLM-x32 {8167C273-DF59-4416-B647-C8BB2C7EE83E} hxxp://liveupdate.msi.com.tw/autobios/LOnline/RELEASECAB/install.cab
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-09-27] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-09-27] (McAfee, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: jqqxrgsb.default
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\jqqxrgsb.default [2018-09-29]
FF Homepage: Mozilla\Firefox\Profiles\jqqxrgsb.default ->
about:newtab
FF Session Restore: Mozilla\Firefox\Profiles\jqqxrgsb.default -> is enabled.
FF Extension: (Avast SafePrice) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\jqqxrgsb.default\Extensions\sp@avast.com.xpi [2018-06-20]
FF Extension: (Avast Online Security) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\jqqxrgsb.default\Extensions\wrc@avast.com.xpi [2018-05-26]
FF Extension: (FamilyFriendly Parental Control, Porn Blocker) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\jqqxrgsb.default\Extensions\{6a2b1f3a-fd62-480d-96ad-4714bfffa22d}.xpi [2018-07-15]
FF Extension: (Firefox Monitor) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\jqqxrgsb.default\features\{ddcf68e9-bd4b-46c3-8c75-d41c93af95fd}\fxmonitor@mozilla.org.xpi [2018-09-28]
FF Extension: (Telemetry coverage) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\jqqxrgsb.default\features\{ddcf68e9-bd4b-46c3-8c75-d41c93af95fd}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-09-28] [Legacy]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-05-15]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-10] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.11.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-01-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-10-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-10-02] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3170063520-3094865265-1537349500-1001: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [2018-06-29] (TD Ameritrade)
FF Plugin HKU\S-1-5-21-3170063520-3094865265-1537349500-1001: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [2018-06-29] (TD Ameritrade)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.facebook.com/","hxxps://accounts.go ... al+markets"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default [2018-09-30]
CHR Extension: (Překladač Google) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-19]
CHR Extension: (WOT: Web of Trust, hodnocení webů) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2018-06-28]
CHR Extension: (Moje IP adresa) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccfphbgnmmhjfalloifioeeeokjemobf [2014-07-08]
CHR Extension: (Adblock Plus) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-09-12]
CHR Extension: (Adblock na Youtube™) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2018-09-14]
CHR Extension: (Parental Controls & Web Filter from MetaCert) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpfbddcgbimoafpgmbbjiliegkfcjkmn [2018-04-22]
CHR Extension: (Block Site - Website Blocker for Chrome™) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2018-06-20]
CHR Extension: (Avast Passwords) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2018-08-15]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-09-20]
CHR Extension: (Avira Browser Safety) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-05-26]
CHR Extension: (Avast Online Security) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-26]
CHR Extension: (Tiny WebFilter: Anti-Porn & Block Adult Sites) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hijnjfkkfccbdcgbbcdidhgfgfhiapib [2017-05-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-13]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-08-23] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-09-16] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-21] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-09-16] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [431544 2018-09-16] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-21] (AVAST Software)
S4 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
S4 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe [121456 2010-05-17] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604824 2018-09-27] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 HP LaserJet Service; "C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2015-01-26] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2015-01-26] (LG Electronics Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [199712 2018-09-16] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229384 2018-09-16] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201320 2018-09-16] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-09-16] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59568 2018-09-16] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-09-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163392 2018-09-16] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2018-02-10] (AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [662056 2018-09-16] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111864 2018-09-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87904 2018-09-16] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027720 2018-09-16] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467320 2018-09-16] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215920 2018-09-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381560 2018-09-16] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-04-29] (DT Soft Ltd)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2015-12-24] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
S3 MSI_MSIBIOS_010507; C:\Program Files\MSI\MSIWDev\msibios64_100507.sys [33592 2010-05-10] (Your Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2010-04-28] (Marvell Semiconductor, Inc.)
S3 NTIOLib_1_0_8; C:\Program Files\MSI\MSIWDev\NTIOLib_X64.sys [11888 2011-01-27] (MSI) [File not signed]
R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [20592 2010-04-16] (Portrait Displays, Inc.)
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-30 13:38 - 2018-09-30 13:42 - 675291709 _____ C:\Users\Milan\Desktop\chrome__30092018.gcb
2018-09-30 13:31 - 2018-09-30 13:34 - 000855040 _____ (Parhelia Tools) C:\Users\Milan\Downloads\gcb (1).exe
2018-09-30 13:19 - 2018-09-30 13:35 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Google Chrome Backup
2018-09-30 13:19 - 2018-09-30 13:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Parhelia Tools
2018-09-30 13:19 - 2018-09-30 13:34 - 000000000 ____D C:\Program Files (x86)\Google Chrome Backup
2018-09-30 13:17 - 2018-09-30 13:17 - 001145364 _____ (Parhelia Tools ) C:\Users\Milan\Downloads\gcb.exe
2018-09-30 07:09 - 2018-09-30 07:10 - 000066378 _____ C:\Users\Milan\Desktop\Addition.txt
2018-09-30 07:08 - 2018-09-30 13:58 - 000025547 _____ C:\Users\Milan\Desktop\FRST.txt
2018-09-30 07:07 - 2018-09-30 13:56 - 000000000 ____D C:\FRST
2018-09-30 07:05 - 2018-09-29 23:30 - 002414080 _____ (Farbar) C:\Users\Milan\Desktop\FRST64.exe
2018-09-30 07:05 - 2018-09-29 23:19 - 007592144 _____ (Malwarebytes) C:\Users\Milan\Desktop\adwcleaner_7.2.4.0.exe
2018-09-29 23:23 - 2018-09-29 23:30 - 002414080 _____ (Farbar) C:\Users\Milan\Downloads\FRST64.exe
2018-09-29 23:18 - 2018-09-29 23:19 - 007592144 _____ (Malwarebytes) C:\Users\Milan\Downloads\adwcleaner_7.2.4.0.exe
2018-09-29 22:58 - 2018-09-29 22:58 - 000000724 _____ C:\Users\Milan\Desktop\sazkovky.txt
2018-09-29 20:39 - 2018-09-29 20:39 - 000052575 _____ C:\Users\Milan\Downloads\Breaking.Bad.S01E01.720p.HDTV.x264-BiA.srt
2018-09-29 10:43 - 2018-09-30 09:12 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Apple Computer
2018-09-29 10:43 - 2018-09-29 10:43 - 000000000 ____D C:\Users\Milan\AppData\Local\Apple Computer
2018-09-29 10:32 - 2018-09-29 10:32 - 000001707 _____ C:\Users\Public\Desktop\iTunes.lnk
2018-09-29 10:32 - 2018-09-29 10:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-09-29 10:31 - 2018-09-29 10:31 - 000000000 ____D C:\Program Files\iPod
2018-09-29 10:30 - 2018-09-29 10:32 - 000000000 ____D C:\Program Files\iTunes
2018-09-29 10:30 - 2018-09-29 10:30 - 000000000 ____D C:\ProgramData\Apple Computer
2018-09-29 10:26 - 2018-09-29 10:26 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2018-09-29 10:26 - 2018-09-29 10:26 - 000000000 ____D C:\Users\Milan\AppData\Local\Apple
2018-09-29 10:26 - 2018-09-29 10:26 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2018-09-29 10:25 - 2018-09-29 10:25 - 000000000 ____D C:\Program Files\Bonjour
2018-09-29 10:25 - 2018-09-29 10:25 - 000000000 ____D C:\Program Files (x86)\Bonjour
2018-09-29 10:24 - 2018-09-29 10:26 - 000000000 ____D C:\ProgramData\Apple
2018-09-29 10:24 - 2018-09-29 10:26 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-09-29 10:15 - 2018-09-29 10:18 - 269990216 _____ (Apple Inc.) C:\Users\Milan\Downloads\iTunes64Setup.exe
2018-09-22 15:52 - 2018-09-22 19:04 - 3344690919 _____ C:\Users\Milan\Downloads\Breaking-Bad-1-01-Pilot-HD-1080p.mkv
2018-09-22 08:53 - 2018-09-22 08:53 - 000070774 _____ C:\Users\Milan\Downloads\i-Profit Tracker-Fixed.ex4
2018-09-22 08:53 - 2018-09-22 08:53 - 000020688 _____ C:\Users\Milan\Downloads\USD - 30 Pips = 5%.csv
2018-09-16 09:09 - 2018-09-16 09:09 - 000379608 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-09-08 08:10 - 2018-09-08 08:50 - 729605136 _____ C:\Users\Milan\Downloads\Maly Nicky - Satan Junior CZ.avi
2018-09-02 18:48 - 2018-09-02 18:49 - 030275077 _____ C:\Users\Milan\Downloads\Návod - Apple iPhone 4S 32GB.pdf
2018-09-02 15:17 - 2018-09-05 17:37 - 000000351 _____ C:\Users\Milan\Desktop\market.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-30 13:43 - 2016-02-04 17:53 - 000000538 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3170063520-3094865265-1537349500-1001.job
2018-09-30 13:12 - 2009-07-14 06:45 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-30 13:12 - 2009-07-14 06:45 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-30 13:11 - 2016-02-04 17:53 - 000000634 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3170063520-3094865265-1537349500-1001.job
2018-09-30 13:07 - 2018-02-10 16:04 - 000000000 ____D C:\Users\Milan\AppData\Local\AVAST Software
2018-09-30 13:04 - 2012-07-23 16:46 - 000001820 _____ C:\Users\Milan\Desktop\SmartControl.lnk
2018-09-30 13:01 - 2011-04-14 14:55 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-30 13:01 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-30 13:00 - 2011-07-09 19:59 - 000000000 ____D C:\Users\Milan
2018-09-30 12:59 - 2011-07-17 13:49 - 000000000 ____D C:\ProgramData\ICQ
2018-09-30 12:57 - 2014-07-30 14:23 - 000000000 ____D C:\AdwCleaner
2018-09-30 10:00 - 2017-02-16 22:44 - 000000000 ____D C:\aaaa
2018-09-30 09:13 - 2011-04-12 10:34 - 000668882 _____ C:\Windows\system32\perfh005.dat
2018-09-30 09:13 - 2011-04-12 10:34 - 000141542 _____ C:\Windows\system32\perfc005.dat
2018-09-30 09:13 - 2009-07-14 07:13 - 001584626 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-30 09:13 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-09-30 07:50 - 2015-10-01 18:58 - 000000000 ____D C:\nemovitost
2018-09-30 06:48 - 2018-08-05 18:37 - 000000000 ____D C:\Program Files (x86)\McAfee
2018-09-29 22:58 - 2017-07-06 20:21 - 000000000 ____D C:\Users\Milan\AppData\LocalLow\Mozilla
2018-09-29 22:25 - 2017-09-11 09:28 - 000000000 ____D C:\Users\Milan\AppData\Roaming\vlc
2018-09-29 19:53 - 2017-06-17 18:41 - 000004540 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-09-29 19:53 - 2016-02-04 17:53 - 000003660 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-3170063520-3094865265-1537349500-1001
2018-09-29 19:53 - 2016-02-04 17:53 - 000003564 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3170063520-3094865265-1537349500-1001
2018-09-29 19:53 - 2015-12-03 16:34 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-09-29 19:53 - 2015-05-04 11:14 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-09-29 19:53 - 2014-07-27 16:41 - 000003200 _____ C:\Windows\System32\Tasks\{EC091822-D9C5-4AF5-94B9-D049CB2408CE}
2018-09-29 19:53 - 2013-12-12 22:43 - 000002910 _____ C:\Windows\System32\Tasks\{1CE4565A-20CF-4C55-B93D-81AE2DAAA04E}
2018-09-29 19:53 - 2013-03-03 20:02 - 000003320 _____ C:\Windows\System32\Tasks\{D0BC3A15-8E03-4A7D-A883-CF853634CBFE}
2018-09-29 19:53 - 2012-09-04 18:46 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-09-29 19:53 - 2012-09-04 18:46 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-09-29 19:53 - 2012-04-20 20:45 - 000003300 _____ C:\Windows\System32\Tasks\{CE598132-5844-435A-955A-93BC7ED8377A}
2018-09-29 19:53 - 2011-07-23 09:09 - 000003184 _____ C:\Windows\System32\Tasks\{A5BEF975-0838-47B8-8ED9-D00EE6EA8C9E}
2018-09-29 19:53 - 2011-07-22 16:15 - 000003168 _____ C:\Windows\System32\Tasks\{8AB35C8D-D73E-45E3-BFE9-8D1819C31BB9}
2018-09-29 15:43 - 2017-07-08 12:38 - 000000000 ____D C:\Users\Milan\AppData\Local\GoToMeeting
2018-09-21 16:52 - 2015-10-15 18:23 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-09-19 16:42 - 2018-06-21 16:20 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-09-19 16:42 - 2018-06-21 16:20 - 000002386 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-09-17 20:51 - 2014-07-08 17:00 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-09-17 20:51 - 2013-03-19 07:53 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-16 09:10 - 2017-03-12 18:23 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-09-16 09:10 - 2013-12-26 10:56 - 000215920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-09-16 09:10 - 2013-03-18 18:55 - 000087904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-09-16 09:10 - 2011-07-09 20:07 - 000467320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-09-16 09:10 - 2011-07-09 20:07 - 000163392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-09-16 09:09 - 2018-02-10 15:43 - 000662056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2018-09-16 09:09 - 2018-02-10 15:10 - 000199712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-09-16 09:09 - 2017-03-12 18:23 - 000346664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-09-16 09:09 - 2017-03-12 18:23 - 000229384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-09-16 09:09 - 2017-03-12 18:23 - 000201320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-09-16 09:09 - 2017-03-12 18:23 - 000059568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-09-16 09:09 - 2014-04-24 18:39 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-09-16 09:09 - 2013-03-18 18:55 - 000381560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-09-16 09:09 - 2012-06-16 11:33 - 000111864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-09-16 09:09 - 2011-07-09 20:07 - 001027720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-09-12 20:11 - 2015-12-12 21:06 - 000000000 ____D C:\Users\Milan\Desktop\forex

==================== Files in the root of some directories =======

2015-12-24 16:20 - 2015-12-24 16:20 - 000000624 _____ () C:\Users\Milan\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-06-25 19:00 - 2014-06-25 19:00 - 000000192 _____ () C:\Users\Milan\AppData\Roaming\Safer-Networking.log
2011-08-21 17:55 - 2017-09-07 07:23 - 000009216 _____ () C:\Users\Milan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-09-10 20:21 - 2016-09-10 20:21 - 000004096 ____H () C:\Users\Milan\AppData\Local\keyfile3.drm
2011-07-27 12:08 - 2018-05-05 22:10 - 000007635 _____ () C:\Users\Milan\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2013-08-05 08:15 - 2013-08-05 08:15 - 004292136 _____ (www.Bandisoft.com) C:\Users\Milan\AppData\Local\Temp\bdfilters.dll
2018-02-17 11:02 - 2018-02-17 10:38 - 000017920 _____ () C:\Users\Milan\AppData\Local\Temp\cmunst_.exe
2017-01-05 16:37 - 2017-01-05 16:37 - 000032768 _____ () C:\Users\Milan\AppData\Local\Temp\f1hfacze.dll
2017-08-22 19:35 - 2017-08-22 19:35 - 000035680 _____ () C:\Users\Milan\AppData\Local\Temp\i4jdel0.exe
2016-08-07 18:52 - 2016-08-07 18:53 - 037251016 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.1.1.5.exe
2016-09-02 19:22 - 2016-09-02 19:24 - 037232728 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.1.2.2.exe
2017-09-05 13:49 - 2017-09-05 13:51 - 039473240 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.1.4.exe
2017-09-12 17:16 - 2017-09-12 17:17 - 039543848 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.2.1.exe
2018-05-19 06:43 - 2018-05-19 06:44 - 036708968 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.2.10.exe
2018-06-22 17:51 - 2018-06-22 17:51 - 037295728 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.2.12.exe
2018-07-15 14:58 - 2018-07-15 14:58 - 038170824 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.2.13.exe
2018-08-11 19:41 - 2018-08-11 19:42 - 038163512 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.2.14.exe
2018-09-11 20:54 - 2018-09-11 20:54 - 038160144 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.2.15.exe
2017-09-19 16:02 - 2017-09-19 16:03 - 039539840 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.2.2.exe
2017-10-19 09:49 - 2017-10-19 09:51 - 039540656 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.2.3.exe
2017-11-25 21:15 - 2017-11-25 21:16 - 039544976 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.2.5.exe
2018-01-10 18:49 - 2018-01-10 18:50 - 039570392 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.2.6.exe
2018-02-25 13:36 - 2018-02-25 13:36 - 039681752 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.2.7.exe
2018-03-31 10:07 - 2018-03-31 10:07 - 039685432 _____ (PandoraTV) C:\Users\Milan\AppData\Local\Temp\KMP_4.2.2.8.exe
2017-04-01 06:25 - 2017-04-01 06:25 - 000032768 _____ () C:\Users\Milan\AppData\Local\Temp\pzpj0pye.dll
2015-12-24 15:31 - 2018-02-17 10:40 - 000192512 _____ () C:\Users\Milan\AppData\Local\Temp\sfamcc00001.dll
2015-12-24 16:41 - 2016-10-27 20:04 - 000192512 _____ () C:\Users\Milan\AppData\Local\Temp\sfamcc00002.dll
2012-12-16 11:55 - 2012-12-16 11:55 - 000055296 _____ () C:\Users\Milan\AppData\Local\Temp\sfextra.dll
2017-10-26 10:07 - 2017-10-26 10:07 - 000488960 _____ () C:\Users\Milan\AppData\Local\Temp\sqlite3.exe
2016-12-08 20:21 - 2016-12-08 20:21 - 013983608 _____ (Google Inc.) C:\Users\Milan\AppData\Local\Temp\{79D22EED-6F3D-4AA2-9FD9-D38087B7BB7C}-55.0.2883.87_54.0.2840.99_chrome_updater.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-25 16:26

==================== End of FRST.txt ============================

Re: kontrola logu- zpomalený pc, vnucený yahoo vyhledávač

Napsal: 30 zář 2018 13:13
od wegel
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28.09.2018
Ran by Milan (30-09-2018 13:58:43)
Running from C:\Users\Milan\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-07-09 17:59:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3170063520-3094865265-1537349500-500 - Administrator - Disabled)
Guest (S-1-5-21-3170063520-3094865265-1537349500-501 - Limited - Enabled)
Milan (S-1-5-21-3170063520-3094865265-1537349500-1001 - Administrator - Enabled) => C:\Users\Milan
UpdatusUser (S-1-5-21-3170063520-3094865265-1537349500-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}) (Version: - Microsoft) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 18.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1801-000001000000}) (Version: 18.01.00.0 - Igor Pavlov)
Adblock Plus pro IE (32-bit a 64-bit) (HKLM\...\{79A37DB3-D7F9-4492-8774-2BD8EB316981}) (Version: 1.6 - Eyeo GmbH)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20063 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Aktualizace NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Apple Mobile Device Support (HKLM\...\{77F8C879-88CD-4145-945A-541C35285285}) (Version: 12.0.0.1039 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Application Verifier (x64) (HKLM\...\{89026002-A893-42D9-9E20-6829B844735E}) (Version: 4.1.1078 - Microsoft Corporation)
Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.6.1.0168 - DT Soft Ltd)
Avast Premier (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 69.0.792.81 - AVAST Software)
Balíček ovladače systému Windows - Nokia Modem (02/15/2007 3.1) (HKLM\...\B726756F5B5A5AA9D798B399386FC6205A45F19E) (Version: 02/15/2007 3.1 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
ClassicPro© v1.15 (HKLM-x32\...\ClassicPro) (Version: 1.15 - Skin Consortium)
ControlCenter (HKLM-x32\...\ControlCenter_is1) (Version: - MSI CO.,LTD.)
CPUID CPU-Z 1.58 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Debugging Tools for Windows (x64) (HKLM\...\{DBFC6AAE-DCCB-4C23-B01C-3EDDDC03298B}) (Version: 6.12.2.633 - Microsoft Corporation)
Dropbox (HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
footbe (HKLM-x32\...\footbe_is1) (Version: 2.2.3 beta build 1260 - )
FormatFactory 4.1.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.1.0.0 - Free Time)
Free Alarm Clock (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 4.0.1.0 - Comfort Software Group)
Free Screen Recorder 6.1.0 (HKLM-x32\...\{2039a3a0-a6fd-44d6-9568-0b8cc92945c2}_is1) (Version: 6.1.0 - ThunderSoft Studio)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 8.35.0.10697 (HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\GoToMeeting) (Version: 8.35.0.10697 - LogMeIn, Inc.)
GrPing 1.3 (HKLM-x32\...\GrPing) (Version: - )
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music)
HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - )
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
hppLaserJetService (HKLM-x32\...\{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}) (Version: 001.003.000145 - Hewlett-Packard) Hidden
hppM1130M1210SeriesLaserJetService (HKLM-x32\...\{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}) (Version: 001.003.00073 - Hewlett-Packard) Hidden
hppusgM1130M1210Series (HKLM-x32\...\{DA6CC3A5-1F5B-4068-8BFF-C597BB6B8158}) (Version: 1.0.0.2 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
HWiNFO64 Version 5.10 (HKLM\...\HWiNFO64_is1) (Version: 5.10 - Martin Malík - REALiX)
ICQ 8.3 (verze 7317) (HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\ICQ) (Version: 8.3.7317.0 - ICQ)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
IrfanView 4.50 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.50 - Irfan Skiljan)
iTunes (HKLM\...\{9F1EE6A3-7BDE-48CC-BC81-1EA3D21D94E3}) (Version: 12.9.0.167 - Apple Inc.)
LG CyberLink LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3109 - CyberLink Corp.) Hidden
LG CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3109 - CyberLink Corp.)
LG CyberLink Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.4009 - CyberLink Corp.) Hidden
LG CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.4009 - CyberLink Corp.)
LG CyberLink PowerBackup (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.5529 - CyberLink Corp.)
LG CyberLink YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3304a - CyberLink Corp.) Hidden
LG CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3304a - CyberLink Corp.)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.25.20150529 - LG Electronics)
LG Power Tools (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3316 - CyberLink Corp.) Hidden
LG Power Tools (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3316 - CyberLink Corp.)
LG United Mobile Drivers (HKLM-x32\...\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}) (Version: 3.14.1 - LG Electronics)
Malwarebytes Anti-Malware verze 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.7.213 - McAfee, Inc.)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Czech/èeština (HKLM-x32\...\OMUI.cs-cz) (Version: 12.0.4518.1025 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Windows Performance Toolkit (HKLM\...\{E7F9E526-2324-437B-A609-E8C5309465CB}) (Version: 4.8.0 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.1) (HKLM\...\SDKSetup_7.1.7600.0.30514) (Version: 7.1.7600.0.30514 - Microsoft Corporation)
Mp3tag v2.49 (HKLM-x32\...\Mp3tag) (Version: v2.49 - Florian Heidenreich)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nero 7 Premium (HKLM-x32\...\{847CAE64-4CD2-4B2D-AF00-978FF5431029}) (Version: 7.02.9755 - Nero AG)
Nokia Connectivity Cable Driver (HKLM-x32\...\{2D99A593-C841-43A7-B7C9-D6F3AE70B756}) (Version: 7.1.45.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{D0D14551-3A2D-433B-861F-F4DCE5422759}) (Version: 7.1.62.1 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.62.1 - Nokia)
Nokia Software Updater (HKLM-x32\...\{889D48DA-457F-4C8B-9095-6458F2793B12}) (Version: 3.0.605 - Nokia Corporation)
NVIDIA Ovladač 3D Vision 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.2.23.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.23.3 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 275.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 275.33 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.2 (HKLM-x32\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Ovládací panel NVIDIA 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 306.97 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{C373F7C4-05D2-4047-96D1-6AF30661C6AA}) (Version: 11.4.19.0 - Nokia)
Pivot Pro Plugin (HKLM-x32\...\{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}) (Version: 9.50.110 - Portrait Displays, Inc.) Hidden
Planescape: Torment Enhanced Edition (HKLM-x32\...\1132393016_is1) (Version: 3.1.3.0 - GOG.com)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6363 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
SDK (HKLM-x32\...\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}) (Version: 2.22.002 - Portrait Displays, Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
SmartControl (HKLM-x32\...\{F4EF231A-7218-41B1-AB84-F5B48B74C50A}) (Version: 2.02.005 - Portrait Displays, Inc.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spell it out Loud (HKLM-x32\...\Spell it out Loud) (Version: 1.1.0.0 - Vitware.cz)
Telegram Desktop version 1.1.23 (HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.1.23 - Telegram Messenger LLP)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.50 - C. Ghisler & Co.)
TSR Watermark Image software version 3.4.2.9 (HKLM-x32\...\TSR Watermark Image_is1) (Version: 3.4.2.9 - TSR Software)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Milan\AppData\Local\GoToMeeting\8953\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-16] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-16] (AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-16] (AVAST Software)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-06-28] (Nero AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-16] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll [2013-04-04] (Malwarebytes Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2012-10-02] (NVIDIA Corporation)
ContextMenuHandlers5: [PortraitDisplaysContextMenu] -> {8602BDD8-9780-4717-B89A-7F89AF75B2AB} => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\shellmenu64.dll [2010-05-13] (Portrait Displays, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-16] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll [2013-04-04] (Malwarebytes Corporation)
ContextMenuHandlers1_S-1-5-21-3170063520-3094865265-1537349500-1001: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-3170063520-3094865265-1537349500-1001: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-3170063520-3094865265-1537349500-1001: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E05774D-94FE-4219-97C3-FB198915D4C2} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {0E05774D-94FE-4219-97C3-FB198915D4C2} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-02-17] (Microsoft Corporation)
Task: {19B712BB-8863-4283-9F6E-29D4457CD459} - System32\Tasks\G2MUploadTask-S-1-5-21-3170063520-3094865265-1537349500-1001 => C:\Users\Milan\AppData\Local\GoToMeeting\10697\g2mupload.exe [2018-09-29] (LogMeIn, Inc.)
Task: {1E7BBDEE-59D4-463A-BD13-B74DC58EBF95} - System32\Tasks\{1CE4565A-20CF-4C55-B93D-81AE2DAAA04E} => C:\prace\Znk5\ZNK5.exe
Task: {2899CB4B-FC6D-49AE-B71A-8B4B3F739FA0} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_pepper.exe [2018-05-06] (Adobe Systems Incorporated)
Task: {42EF9081-8F7C-49A9-AD0E-86244BD58E6A} - System32\Tasks\{CE598132-5844-435A-955A-93BC7ED8377A} => C:\Windows\system32\pcalua.exe -a C:\Users\Milan\Downloads\Czech_language_pack_553.exe -d "C:\Program Files (x86)\Winamp\lang" -c -el -s2 "-dC:\Program Files (x86)\Winamp\lang" "-p" "-sp"
Task: {4362735C-0B5C-4DB3-9C74-3BE7A0B42666} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {533D5BC3-0F84-4BF3-A39D-72136226AB98} - System32\Tasks\{8AB35C8D-D73E-45E3-BFE9-8D1819C31BB9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\ViewPower\ViewPower.exe" -d "C:\Program Files (x86)\ViewPower\"
Task: {568EECE4-6B0C-4BC7-9937-E607ADC39448} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {568EECE4-6B0C-4BC7-9937-E607ADC39448} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-02-17] (Microsoft Corporation)
Task: {59B0AC36-AA68-4E5B-8D02-D94DF3BE086F} - System32\Tasks\G2MUpdateTask-S-1-5-21-3170063520-3094865265-1537349500-1001 => C:\Users\Milan\AppData\Local\GoToMeeting\10697\g2mupdate.exe [2018-09-29] (LogMeIn, Inc.)
Task: {5EE01AFD-550D-4D15-902C-DC62EB3CC811} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {7820D220-1709-410F-BBF2-C831F3994718} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-09-16] (AVAST Software)
Task: {8B7BC55A-5CD8-4030-AC0F-8F067E1BA851} - System32\Tasks\{EC091822-D9C5-4AF5-94B9-D049CB2408CE} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\ViewPower2.11 SP1\ViewPower.exe" -d "C:\Program Files (x86)\ViewPower2.11 SP1\"
Task: {A0007079-1E4C-4530-8D93-F97BFC8BCADF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {B024A2C2-039D-418C-B000-14DD94212ED7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {B2446AE2-38C6-4F22-8968-B4EDE28BA40B} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-21] (AVAST Software)
Task: {CC5E3167-1264-4617-A341-F24B3370447E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {CC5E3167-1264-4617-A341-F24B3370447E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-02-17] (Microsoft Corporation)
Task: {D5898C97-E043-4BDE-9036-F12FC7F8BAB7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {D5898C97-E043-4BDE-9036-F12FC7F8BAB7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {D5898C97-E043-4BDE-9036-F12FC7F8BAB7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [2016-02-17] (Microsoft Corporation)
Task: {D5A8011A-FB26-4546-A53F-D1570FF8316E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-09-15] (AVAST Software)
Task: {D698F94C-20A9-47A9-80E7-1A4EEF641B86} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-21] (AVAST Software)
Task: {F41C7850-1125-4CA2-BA7A-C327433FED40} - System32\Tasks\{A5BEF975-0838-47B8-8ED9-D00EE6EA8C9E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\ViewPower2.08\ViewPower.exe" -d "C:\Program Files (x86)\ViewPower2.08\"
Task: {FDA48D5C-7B3D-4E74-9AEE-C930DE48088C} - System32\Tasks\{D0BC3A15-8E03-4A7D-A883-CF853634CBFE} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\ApplicationInstaller.exe" -d C:\Users\Milan\AppData\Local\Temp -c "C:\Users\Milan\AppData\Local\Temp\nfsshifthd.sis" <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3170063520-3094865265-1537349500-1001.job => C:\Users\Milan\AppData\Local\GoToMeeting\10697\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3170063520-3094865265-1537349500-1001.job => C:\Users\Milan\AppData\Local\GoToMeeting\10697\g2mupload.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com

==================== Loaded Modules (Whitelisted) ==============

2012-12-14 22:01 - 2012-10-02 21:51 - 000086888 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-07-23 21:04 - 2010-03-31 11:51 - 000407040 _____ () C:\Windows\System32\HPM1210LM.DLL
2012-07-23 20:43 - 2010-03-31 11:51 - 000074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2018-08-22 22:18 - 2018-08-22 22:18 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-08-22 22:18 - 2018-08-22 22:18 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-07-23 16:42 - 2010-05-17 12:03 - 000121456 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
2012-07-23 16:43 - 2010-05-17 12:03 - 000081008 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook64.dll
2012-07-23 16:42 - 2010-05-17 12:03 - 000259184 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dthook.dll
2018-08-28 10:46 - 2018-08-28 10:46 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-08-28 10:46 - 2018-08-28 10:46 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2012-07-23 16:42 - 2010-05-13 16:34 - 000674928 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpctrl.exe
2012-07-23 16:42 - 2010-05-13 16:34 - 000711792 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\floater.exe
2018-09-16 09:09 - 2018-09-16 09:09 - 000703192 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2012-07-23 16:43 - 2010-05-17 12:03 - 000129648 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
2012-07-23 16:43 - 2010-05-17 12:03 - 000135792 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe
2018-09-17 20:51 - 2018-09-15 10:26 - 002677592 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\swiftshader\libglesv2.dll
2018-09-17 20:51 - 2018-09-15 10:26 - 000148824 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\swiftshader\libegl.dll
2018-09-16 09:09 - 2018-09-16 09:09 - 000575704 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-09-30 10:49 - 2018-09-30 10:49 - 005702288 _____ () C:\Program Files\AVAST Software\Avast\defs\18093000\algo.dll
2018-09-16 09:09 - 2018-09-16 09:09 - 000896216 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-09-16 09:09 - 2018-09-16 09:09 - 000541400 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-09-16 09:09 - 2018-09-16 09:09 - 000151768 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-09-16 09:09 - 2018-09-16 09:09 - 000986840 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2012-07-23 16:43 - 2010-05-17 12:03 - 000076400 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook.dll
2018-09-16 09:09 - 2018-09-16 09:09 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2011-04-07 16:43 - 2011-04-07 16:43 - 002296320 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll
2011-04-07 16:43 - 2011-04-07 16:43 - 008191488 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll
2011-02-22 17:07 - 2011-02-22 17:07 - 000339968 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll
2011-02-22 20:12 - 2011-02-22 20:12 - 000196608 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
2011-02-22 20:13 - 2011-02-22 20:13 - 000022016 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
2011-02-22 17:39 - 2011-02-22 17:39 - 000276480 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll
2009-12-15 13:46 - 2009-12-15 13:46 - 000619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-12-15 13:49 - 2009-12-15 13:49 - 000013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2012-07-23 16:42 - 2010-05-17 11:49 - 000172032 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll
2012-07-23 16:42 - 2010-05-17 12:03 - 000084592 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\CC\gui.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\com -> hxxp://www.msi.com
IE trusted site: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\com.tw -> hxxp://asia.msi.com.tw
IE trusted site: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\mbamupdates.com -> data-cdn.mbamupdates.com
IE trusted site: HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\microsoft.com -> hxxp://windows.microsoft.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-05-01 18:57 - 000000838 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: c2cautoupdatesvc => 2
MSCONFIG\Services: c2cpnrsvc => 2
MSCONFIG\Services: NBService => 3
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: PDF Architect 2 => 3
MSCONFIG\Services: PDF Architect 2 Creator => 2
MSCONFIG\Services: pdfforge CrashHandler => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Milan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Milan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk => C:\Windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: ICQ => C:\Users\Milan\AppData\Roaming\ICQM\icq.exe -CU
MSCONFIG\startupreg: NSU_agent => "C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F4DFC725-E31C-4168-836D-33EFBE516FA9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{ED5B9A4C-E28F-4CD3-B34E-1A888A5A8B79}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{1AD14CA1-4619-4D2B-A1B4-4CDC2675BB3D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{F6F88DBB-2FB7-4AEC-920F-594C96413086}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{9571788A-3056-48E3-A165-E9FE66A2B14D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{39CC189A-EF5D-45B0-9CC0-527E1F5A5D36}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{16B3836B-4003-400E-9EE9-4CB26A16FD8A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{FF06E3BB-3E1D-420D-94A8-B742E4342A6B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{BB580BBE-5F3C-4514-A6F1-869BD03DBE51}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{D825F7FA-996C-41C2-BF7C-50BEEF57DB33}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{2BE4C7A8-D9FE-4E9F-98A8-2BCC4F841687}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{0DC4513C-5F1E-4D7D-A1E6-98E3540DD366}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{BBCD1D1D-2304-47F1-BE57-778636C9D501}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{F41A4770-22AF-473E-9CE2-3FEB66E232A6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{4EE7F536-96A1-402F-B0B6-7A8EA8FF952D}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{E4C5C6F2-B5E2-47EA-A475-FEBA59A69B93}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{BDF1900A-36F2-4AFD-BA4B-A64B15BB32FB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{93E54C9A-A1FC-4754-8A2D-819B5FB5BCFD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{0D7F1F3C-25FD-4BF6-8EB3-BECE09C9AE76}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{2AE80C4C-874E-471A-B3D0-3EFA29D6646D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{1A1049D8-EEEF-4908-AABD-1A5B8ADE7A35}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{D1C7D289-45C0-48E1-BEE6-0A08D644B5F6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{FBA8F2C9-C70D-494A-98E0-28A6AF54C915}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{963C226E-583E-453A-844A-E20EA1F8127D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{D41C0DA2-C537-435D-9DEB-90E0DC137F6C}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{852D6F38-6971-46F8-8CCD-23D58AE59D9E}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{DAB0BA95-7031-4F9B-9D2D-0361D694BD71}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS2F48\hppiw.exe
FirewallRules: [{6F8C21CF-3CF9-4749-9CF7-4D5CCCA3A452}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS2F48\hppiw.exe
FirewallRules: [{4A462D8C-43C6-43F4-9A78-83AD54CC5D10}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS301F\HPDiagnosticCoreUI.exe
FirewallRules: [{577DB09D-3C02-40EF-8312-188A7CE6C2CC}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS301F\HPDiagnosticCoreUI.exe
FirewallRules: [{A0EE9FD5-4B5C-4254-AB6D-50FACC826538}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS308E\hppiw.exe
FirewallRules: [{96DC9ED4-992E-4E4E-96DA-1B84E1CA43C1}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS308E\hppiw.exe
FirewallRules: [{4400AE80-315E-4CEE-873D-C83964CA6B56}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS30A9\HPDiagnosticCoreUI.exe
FirewallRules: [{B1B5FEF1-9E8D-471C-A951-3B36E9E01DD9}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS30A9\HPDiagnosticCoreUI.exe
FirewallRules: [{00913DEC-CE93-41EB-84EA-E13BD6A41157}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS310B\HPDiagnosticCoreUI.exe
FirewallRules: [{5268ED33-371E-47B6-8281-C652F7E9B90E}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS310B\HPDiagnosticCoreUI.exe
FirewallRules: [{1CFFE1E8-E591-421F-9745-A0EA83879031}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS3635\HPDiagnosticCoreUI.exe
FirewallRules: [{BEFDE373-6012-408F-B914-AACA249D9780}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS3635\HPDiagnosticCoreUI.exe
FirewallRules: [{97D6BFBF-E65D-42FD-BF85-A2EBEF365252}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS3663\HPDiagnosticCoreUI.exe
FirewallRules: [{758DFEDF-58C1-4015-A155-E0D6DD1AC3C7}] => (Allow) C:\Users\Milan\AppData\Local\Temp\7zS3663\HPDiagnosticCoreUI.exe
FirewallRules: [{2A5A1763-295E-4FF6-B357-E1374CA81C4C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{CC897E1D-A774-4153-8850-CF50174AF5B3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{EEE70A9A-4FED-4D10-8A96-607C896AED99}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{2F629E28-84C0-44E0-962B-723E30411043}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{6E4A56A3-AD25-4BD5-A96C-E04012690B15}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{99254964-A249-4C4D-8208-752CCCF0C168}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{96C08A91-5CB2-425D-936F-0703B33BA289}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{D90A12F4-F564-4240-8006-A90624A1E1B7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{67E01D0A-D2DF-4882-BC3E-3BFD04ED1B35}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{D216AE3E-66DB-4934-BB3F-4CA5734085A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{55DF9529-58BF-4A5D-A8D9-F766E68A749C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{A2AB089B-213B-4D76-8D44-902FB18A73CB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{FE0DE2A7-BCE3-44CB-9505-DFE0D0EC872A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{1E84C11F-FBC8-423D-899B-DE8575A53FCB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{91510A18-B674-459A-BCB4-346C45A88B48}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{20C5AEA4-3B56-48DD-A564-E36E7C0CE9A6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{C0EC70B5-EA73-4CBE-9C65-0ABFC4014437}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{92387A6B-0BD5-4126-AF6D-2A41577FDF13}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{696E2466-EE8D-4994-838C-243DDCECE46A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{FF5175A6-C025-4E8F-9CE2-D3AB2C5B12B1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{1600CF2C-A84E-4D85-90A7-B8E99EB366B3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{E043A0A2-1603-4C7E-95AA-345C21A92D56}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{8BEED1F6-9D78-4639-95E7-BAD3081045A9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{08912FFD-0574-4F8F-921F-9C0570A93600}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{A358909F-B856-4370-A8D4-3AC0A7437586}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{93BA454E-B542-4DAC-A201-436709AD5660}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{7B548382-CF6D-4911-945C-5C0B7303A8F2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{387798B4-4625-42D2-9F68-758FBBF0DC0C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{C7708E1B-1B17-43F3-A80A-EE0AEC48A61D}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{CC31E042-7867-4229-876E-FD0E3F2C0440}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{4C9A836C-C167-47CE-9DC0-30EE7644AE4E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{4EE70533-0ABF-4767-B9F5-FBC90E3AE1DB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{1892D1B0-B0F7-40DD-B7B2-0495A6D17ADD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{C86DD22D-DF21-422A-AAA7-EB0FEB9CBAAC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{E1814D8D-8F38-4CA0-925B-001A23B1E480}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{F1AB332A-0CB8-4867-9C91-773E6D3FEE73}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{B619A6E0-AC97-4D0D-AEE5-3CA97857B64A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{E09CF667-15DA-4F1B-8048-5F3000E26DAD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{D60C67DA-A105-40A7-BB2D-E2F9F71E974A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{202859E3-46D4-4760-9236-C81C5915C878}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{3965285E-B7BC-4F42-B1E4-595CFC3AF901}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{697B8AA1-E52F-4580-848E-B2C68C5837AE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{38E00249-E798-4025-9967-FE0F420F4157}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{3A32BD18-13AF-4276-B842-73E37BC54F3C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{241F64E4-2771-49E7-A34E-9DB2476191B7}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{1FBC982C-28EF-4533-A94D-B05C2CEB24BA}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{82E66490-9AF1-4E72-8BB7-2D6ACF42E9B2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{6A060FCA-CEA8-4883-A329-436AEB182DAF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{2E37E249-609C-4244-8F5A-DDCC580A42ED}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{9D820D2D-BA9D-4DAB-BE9A-60CFF6A1D421}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{8ADC73D7-0E4E-4AF7-98E0-7349A379E58B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{E203C103-B3DF-484C-B580-D10F4DF9BB39}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{1F85C197-C20B-4A9C-B220-4D8034E89FAC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{4F9A9C9A-6FE3-41B6-97EC-8973910F4B63}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{6FC505AA-40AA-4B96-BF15-61F0E47B739D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{2FA63C60-B8BA-40F5-8D07-AB2458D7D495}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{98BEE367-242E-45B2-B0B8-87E58D975032}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{BEBB1DBD-2DF0-4C17-B01F-92E0AA4E2F66}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{2C730E1E-0FD6-4D8C-8900-936BF848F519}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{403665D6-31BA-4BE9-9D53-851522A99950}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{C84053AE-DFF5-4547-A12D-8A7EDD5B3D73}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{A7FF8D08-71DB-44E8-86FE-9A722C8D8F12}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{92E3154B-F798-447E-9E67-F68AA1B09783}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{5BBB718E-1CD6-4BE7-8723-4A4EADD06622}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{F76A9B3B-FBA5-4C83-999D-0281D7487AE6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{2644E40A-D9D8-42B5-A03A-F313F9B30ACA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{86FE3E19-7983-437A-B447-7CD042AB4518}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{8AC26812-DD55-49C4-810D-A89F755AA207}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{A121245F-4838-4A3A-940C-3BB444451EE0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{FA699BB9-5D98-436F-8934-2806E05BAB8B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{405D9925-690D-4084-94E3-2566F4C1EB0C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [TCP Query User{A0E33DF2-ADF4-4523-828F-9AB1BA710E20}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{7236A812-1EBB-4082-B31B-1C4A0618D8CB}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{10022B5F-7FE9-487E-94AD-5E7982BA75DD}C:\program files (x86)\viewpower2.11 sp1\jre\bin\javaw.exe] => (Block) C:\program files (x86)\viewpower2.11 sp1\jre\bin\javaw.exe
FirewallRules: [UDP Query User{FD03A4C4-1922-4CAB-9E21-EE7D1F5ECC5B}C:\program files (x86)\viewpower2.11 sp1\jre\bin\javaw.exe] => (Block) C:\program files (x86)\viewpower2.11 sp1\jre\bin\javaw.exe
FirewallRules: [TCP Query User{12AA36DE-C20E-4C24-A607-D9EF1CDB5FBD}C:\program files (x86)\viewpower\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\viewpower\jre\bin\javaw.exe
FirewallRules: [UDP Query User{0823C9C3-E9D7-411B-90F9-82103F05F7D3}C:\program files (x86)\viewpower\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\viewpower\jre\bin\javaw.exe
FirewallRules: [TCP Query User{856DE9C8-2A12-48FF-89B7-9C9B1171D1C9}C:\program files (x86)\viewpower\jre\bin\javaw.exe] => (Block) C:\program files (x86)\viewpower\jre\bin\javaw.exe
FirewallRules: [UDP Query User{19C7D6DD-9334-4792-9726-8D269FB66BEE}C:\program files (x86)\viewpower\jre\bin\javaw.exe] => (Block) C:\program files (x86)\viewpower\jre\bin\javaw.exe
FirewallRules: [TCP Query User{4DB5473D-1867-4697-A6B9-8253C745FC6B}C:\users\milan\appdata\local\temp\teamviewer\teamviewer.exe] => (Block) C:\users\milan\appdata\local\temp\teamviewer\teamviewer.exe
FirewallRules: [UDP Query User{25CC39AF-094E-4126-AA3C-0AD7869CF9F0}C:\users\milan\appdata\local\temp\teamviewer\teamviewer.exe] => (Block) C:\users\milan\appdata\local\temp\teamviewer\teamviewer.exe
FirewallRules: [{95FFBC3B-3B8A-41DE-9E0B-91185A49BCA4}] => (Allow) C:\Users\Milan\AppData\Local\Temp\nsz61A3.tmp\Installer-76158571.exe
FirewallRules: [{FF8B8ACB-837A-4A75-8635-8A3DA1C2A2AF}] => (Allow) C:\Users\Milan\AppData\Local\Temp\nsnE515.tmp\Installer-76158571.exe
FirewallRules: [{14A83799-F0C8-4EEE-96DB-937DF2A8E6A2}] => (Allow) C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe
FirewallRules: [{E855C35C-0557-4ABC-A942-77B50DCD34A9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{03A2C5DB-D529-49F5-BB16-C059FFEEA6C3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{9843B17F-F105-45ED-8143-CCA4F7C7AB71}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{CA51910A-393C-438F-AA93-7DCCB15DD090}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{B816D1BB-5F70-43E2-9B8B-469905D5534B}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{500DF664-CD4D-4918-BDF7-8A269EE262AE}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{ABB78AB9-FAF8-409D-A4DF-7739CEAA7901}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{DE75D78E-877B-44F8-B19F-589D6072A8A6}] => (Allow) C:\Program Files (x86)\The KMPlayer\KMPlayer.exe
FirewallRules: [{61ED933F-FEBF-48C9-9102-006A864DDFC8}] => (Allow) C:\Program Files (x86)\The KMPlayer\KMPlayer.exe
FirewallRules: [{CF22BB86-BBEA-4DB5-87C7-9C0ED63D591F}] => (Allow) C:\Program Files (x86)\The KMPlayer\KMPlayer.exe
FirewallRules: [{9DA8AB52-FF15-48DC-B8BF-966D1A2FF58C}] => (Allow) C:\Program Files (x86)\The KMPlayer\KMPlayer.exe
FirewallRules: [TCP Query User{F70195F0-2156-431D-B952-D555A5A6F155}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{B64A206D-0DEE-478F-ACB7-D38483E35F5A}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{10C29863-45DE-437B-AA44-917A2261AA02}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{369DC93E-E3A7-46E7-9186-B190650A9491}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{08ACAC48-9DFF-4983-9C6D-3BDA866A3FF8}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{4F1C4265-9CBD-4916-8E90-CA40F16FA0ED}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{47CD66EC-48E5-40E7-A500-518E0A7482C1}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{525171A6-26F0-4B79-A37A-73859132B1CB}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{5A98B933-EE75-4137-810D-B20AD438B98F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{3B4B9A87-2FD1-41E9-9247-136299A18602}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{8D1736C2-0DB7-4B7E-90C3-75E51FB88E74}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7EB464E3-08EA-4848-A464-1C086EE2F2E3}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{1CF098E8-6B9A-496D-BF36-E6547558FA08}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{84FB9942-176C-43F4-80E6-4CED93227637}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{97F499F0-551A-4577-B8B7-2BE222A99D86}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{81F96B58-F63F-4D9B-B613-55B4727C9EF1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0040FF6E-41FA-4BA8-8D87-33088FB97B6D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5CA76BE3-9650-4A2D-AC41-9AAF7025915E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe] => Enabled:Flashget3
StandardProfile\AuthorizedApplications: [C:\Program Files\FlashGet 3\FlashGet3.exe] => Enabled:Flashget3

==================== Restore Points =========================

08-09-2018 10:23:09 Naplánovaný kontrolní bod
18-09-2018 17:17:48 Naplánovaný kontrolní bod
29-09-2018 10:26:54 Installed iTunes

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/30/2018 01:24:36 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (09/30/2018 01:19:33 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Součást 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (09/30/2018 01:19:32 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Součást 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (09/30/2018 01:04:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Součást 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (09/30/2018 01:04:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Součást 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (09/30/2018 01:03:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/30/2018 01:03:01 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Součást 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (09/30/2018 12:24:37 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.


System errors:
=============
Error: (09/30/2018 01:04:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (09/30/2018 01:04:40 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
Přihlašovací chyba: Platnost hesla pro tuto registraci vypršela.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (09/30/2018 01:03:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Agent zásad protokolu IPsec neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (09/30/2018 01:03:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Agent zásad protokolu IPsec bylo dosaženo časového limitu (30000 ms).

Error: (09/30/2018 01:03:13 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (09/30/2018 01:01:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Apple Mobile Device Service neuspěla při spuštění v důsledku následující chyby:
Přesměrování bylo ukončeno.

Error: (09/30/2018 12:59:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Apple Mobile Device Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (09/30/2018 12:59:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Portrait Displays SDK Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 41%
Total physical RAM: 4067.35 MB
Available physical RAM: 2386.81 MB
Total Virtual: 8132.89 MB
Available Virtual: 5411.01 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:101.32 GB) NTFS

\\?\Volume{fd4d4fb1-6686-11e0-851e-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: B9024B53)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Re: kontrola logu- zpomalený pc, vnucený yahoo vyhledávač

Napsal: 30 zář 2018 14:42
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
Task: {533D5BC3-0F84-4BF3-A39D-72136226AB98} - System32\Tasks\{8AB35C8D-D73E-45E3-BFE9-8D1819C31BB9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\ViewPower\ViewPower.exe" -d "C:\Program Files (x86)\ViewPower\"
Task: {5EE01AFD-550D-4D15-902C-DC62EB3CC811} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A0007079-1E4C-4530-8D93-F97BFC8BCADF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {F41C7850-1125-4CA2-BA7A-C327433FED40} - System32\Tasks\{A5BEF975-0838-47B8-8ED9-D00EE6EA8C9E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\ViewPower2.08\ViewPower.exe" -d "C:\Program Files (x86)\ViewPower2.08\"
Task: {FDA48D5C-7B3D-4E74-9AEE-C930DE48088C} - System32\Tasks\{D0BC3A15-8E03-4A7D-A883-CF853634CBFE} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\ApplicationInstaller.exe" -d C:\Users\Milan\AppData\Local\Temp -c "C:\Users\Milan\AppData\Local\Temp\nfsshifthd.sis" <==== ATTENTION
C:\Program Files\Bonjour
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\MountPoints2: {0fa5cda4-91c3-11e1-8dcc-6c626de9a39d} - J:\autorun.exe
HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\MountPoints2: {6b147fbf-3cda-11e4-9e7c-6c626de9a39d} - E:\LGAutoRun.exe
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
BHO-x32: No Name -> {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} -> No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
C:\Windows\System32\Tasks\{EC091822-D9C5-4AF5-94B9-D049CB2408CE}
C:\Windows\System32\Tasks\{1CE4565A-20CF-4C55-B93D-81AE2DAAA04E}
C:\Windows\System32\Tasks\{D0BC3A15-8E03-4A7D-A883-CF853634CBFE}
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\System32\Tasks\{CE598132-5844-435A-955A-93BC7ED8377A}
C:\Windows\System32\Tasks\{A5BEF975-0838-47B8-8ED9-D00EE6EA8C9E}
C:\Windows\System32\Tasks\{8AB35C8D-D73E-45E3-BFE9-8D1819C31BB9}
C:\Users\Milan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Milan\AppData\Local\Temp

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: kontrola logu- zpomalený pc, vnucený yahoo vyhledávač

Napsal: 30 zář 2018 15:51
od wegel
Bohužel se mi to nezdařilo, vypadalo to, že se to zaseklo (neodpovídá) a běželo to delší dobu tak jsem musel dát reset. Co tedy s tím?
Ještě dodatek, vidím, že se mi na ploše i přesto objevil fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 28.09.2018
Ran by Milan (30-09-2018 16:18:44) Run:1
Running from C:\Users\Milan\Desktop
Loaded Profiles: Milan (Available Profiles: UpdatusUser & Milan)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {533D5BC3-0F84-4BF3-A39D-72136226AB98} - System32\Tasks\{8AB35C8D-D73E-45E3-BFE9-8D1819C31BB9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\ViewPower\ViewPower.exe" -d "C:\Program Files (x86)\ViewPower\"
Task: {5EE01AFD-550D-4D15-902C-DC62EB3CC811} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A0007079-1E4C-4530-8D93-F97BFC8BCADF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {F41C7850-1125-4CA2-BA7A-C327433FED40} - System32\Tasks\{A5BEF975-0838-47B8-8ED9-D00EE6EA8C9E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\ViewPower2.08\ViewPower.exe" -d "C:\Program Files (x86)\ViewPower2.08\"
Task: {FDA48D5C-7B3D-4E74-9AEE-C930DE48088C} - System32\Tasks\{D0BC3A15-8E03-4A7D-A883-CF853634CBFE} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\ApplicationInstaller.exe" -d C:\Users\Milan\AppData\Local\Temp -c "C:\Users\Milan\AppData\Local\Temp\nfsshifthd.sis" <==== ATTENTION
C:\Program Files\Bonjour
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\MountPoints2: {0fa5cda4-91c3-11e1-8dcc-6c626de9a39d} - J:\autorun.exe
HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\MountPoints2: {6b147fbf-3cda-11e4-9e7c-6c626de9a39d} - E:\LGAutoRun.exe
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
BHO-x32: No Name -> {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} -> No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
C:\Windows\System32\Tasks\{EC091822-D9C5-4AF5-94B9-D049CB2408CE}
C:\Windows\System32\Tasks\{1CE4565A-20CF-4C55-B93D-81AE2DAAA04E}
C:\Windows\System32\Tasks\{D0BC3A15-8E03-4A7D-A883-CF853634CBFE}
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\System32\Tasks\{CE598132-5844-435A-955A-93BC7ED8377A}
C:\Windows\System32\Tasks\{A5BEF975-0838-47B8-8ED9-D00EE6EA8C9E}
C:\Windows\System32\Tasks\{8AB35C8D-D73E-45E3-BFE9-8D1819C31BB9}
C:\Users\Milan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Milan\AppData\Local\Temp

EmptyTemp:
End
*****************

Processes closed successfully.

Re: kontrola logu- zpomalený pc, vnucený yahoo vyhledávač

Napsal: 30 zář 2018 17:54
od Rudy
Zkuste to v nouz. režimu.

Re: kontrola logu- zpomalený pc, vnucený yahoo vyhledávač

Napsal: 30 zář 2018 17:56
od wegel
Rudy píše:Zkuste to v nouz. režimu.

ale ten log to vytvořilo nebo se pletu?

Re: kontrola logu- zpomalený pc, vnucený yahoo vyhledávač

Napsal: 30 zář 2018 18:00
od Rudy
Jen to vypsalo to, co jsem vám předepsal pro mazání, ale bez odezvy. V logu je to ještě jednou s poznámkou, co se provedlo (mazání, oprava, nesmazání atd.). Oprava evidentně neproběhla.

Re: kontrola logu- zpomalený pc, vnucený yahoo vyhledávač

Napsal: 01 říj 2018 19:37
od wegel
tak nouzový režim se povedl, ale smazalo mi to všechny záložky z chromu

Fix result of Farbar Recovery Scan Tool (x64) Version: 28.09.2018
Ran by Milan (01-10-2018 20:20:22) Run:2
Running from C:\Users\Milan\Desktop
Loaded Profiles: Milan (Available Profiles: UpdatusUser & Milan)
Boot Mode: Safe Mode (minimal)
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {533D5BC3-0F84-4BF3-A39D-72136226AB98} - System32\Tasks\{8AB35C8D-D73E-45E3-BFE9-8D1819C31BB9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\ViewPower\ViewPower.exe" -d "C:\Program Files (x86)\ViewPower\"
Task: {5EE01AFD-550D-4D15-902C-DC62EB3CC811} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A0007079-1E4C-4530-8D93-F97BFC8BCADF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {F41C7850-1125-4CA2-BA7A-C327433FED40} - System32\Tasks\{A5BEF975-0838-47B8-8ED9-D00EE6EA8C9E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\ViewPower2.08\ViewPower.exe" -d "C:\Program Files (x86)\ViewPower2.08\"
Task: {FDA48D5C-7B3D-4E74-9AEE-C930DE48088C} - System32\Tasks\{D0BC3A15-8E03-4A7D-A883-CF853634CBFE} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\ApplicationInstaller.exe" -d C:\Users\Milan\AppData\Local\Temp -c "C:\Users\Milan\AppData\Local\Temp\nfsshifthd.sis" <==== ATTENTION
C:\Program Files\Bonjour
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\MountPoints2: {0fa5cda4-91c3-11e1-8dcc-6c626de9a39d} - J:\autorun.exe
HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\...\MountPoints2: {6b147fbf-3cda-11e4-9e7c-6c626de9a39d} - E:\LGAutoRun.exe
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
BHO-x32: No Name -> {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} -> No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
C:\Windows\System32\Tasks\{EC091822-D9C5-4AF5-94B9-D049CB2408CE}
C:\Windows\System32\Tasks\{1CE4565A-20CF-4C55-B93D-81AE2DAAA04E}
C:\Windows\System32\Tasks\{D0BC3A15-8E03-4A7D-A883-CF853634CBFE}
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\System32\Tasks\{CE598132-5844-435A-955A-93BC7ED8377A}
C:\Windows\System32\Tasks\{A5BEF975-0838-47B8-8ED9-D00EE6EA8C9E}
C:\Windows\System32\Tasks\{8AB35C8D-D73E-45E3-BFE9-8D1819C31BB9}
C:\Users\Milan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Milan\AppData\Local\Temp

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{533D5BC3-0F84-4BF3-A39D-72136226AB98}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{533D5BC3-0F84-4BF3-A39D-72136226AB98}" => removed successfully
C:\Windows\System32\Tasks\{8AB35C8D-D73E-45E3-BFE9-8D1819C31BB9} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8AB35C8D-D73E-45E3-BFE9-8D1819C31BB9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5EE01AFD-550D-4D15-902C-DC62EB3CC811}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5EE01AFD-550D-4D15-902C-DC62EB3CC811}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A0007079-1E4C-4530-8D93-F97BFC8BCADF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0007079-1E4C-4530-8D93-F97BFC8BCADF}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F41C7850-1125-4CA2-BA7A-C327433FED40}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F41C7850-1125-4CA2-BA7A-C327433FED40}" => removed successfully
C:\Windows\System32\Tasks\{A5BEF975-0838-47B8-8ED9-D00EE6EA8C9E} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A5BEF975-0838-47B8-8ED9-D00EE6EA8C9E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FDA48D5C-7B3D-4E74-9AEE-C930DE48088C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDA48D5C-7B3D-4E74-9AEE-C930DE48088C}" => removed successfully
C:\Windows\System32\Tasks\{D0BC3A15-8E03-4A7D-A883-CF853634CBFE} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D0BC3A15-8E03-4A7D-A883-CF853634CBFE}" => removed successfully
C:\Program Files\Bonjour => moved successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
"HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0fa5cda4-91c3-11e1-8dcc-6c626de9a39d}" => removed successfully
HKLM\Software\Classes\CLSID\{0fa5cda4-91c3-11e1-8dcc-6c626de9a39d} => not found
"HKU\S-1-5-21-3170063520-3094865265-1537349500-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6b147fbf-3cda-11e4-9e7c-6c626de9a39d}" => removed successfully
HKLM\Software\Classes\CLSID\{6b147fbf-3cda-11e4-9e7c-6c626de9a39d} => not found
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => removed successfully
"HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => removed successfully
HKLM\Software\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => not found
"HKLM\Software\Classes\PROTOCOLS\Handler\skypec2c" => removed successfully
"HKLM\Software\Classes\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => removed successfully
HKLM\Software\Wow6432Node\Classes\PROTOCOLS\Handler\skypec2c => not found
"HKLM\Software\Wow6432Node\Classes\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => removed successfully
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => moved successfully
C:\Windows\System32\Tasks\{EC091822-D9C5-4AF5-94B9-D049CB2408CE} => moved successfully
C:\Windows\System32\Tasks\{1CE4565A-20CF-4C55-B93D-81AE2DAAA04E} => moved successfully
"C:\Windows\System32\Tasks\{D0BC3A15-8E03-4A7D-A883-CF853634CBFE}" => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Windows\System32\Tasks\{CE598132-5844-435A-955A-93BC7ED8377A} => moved successfully
"C:\Windows\System32\Tasks\{A5BEF975-0838-47B8-8ED9-D00EE6EA8C9E}" => not found
"C:\Windows\System32\Tasks\{8AB35C8D-D73E-45E3-BFE9-8D1819C31BB9}" => not found
C:\Users\Milan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

"C:\Users\Milan\AppData\Local\Temp" folder move:

Could not move "C:\Users\Milan\AppData\Local\Temp" => Scheduled to move on reboot.


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 114788922 B
Java, Flash, Steam htmlcache => 26049173 B
Windows/system/drivers => 3127105139 B
Edge => 0 B
Chrome => 752851184 B
Firefox => 133852072 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 97696822 B
systemprofile32 => 8689597 B
LocalService => 66228 B
NetworkService => 663986 B
UpdatusUser => 0 B
Milan => 2912944994 B

RecycleBin => 1573473643 B
EmptyTemp: => 8.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 01-10-2018 20:25:31)

C:\Users\Milan\AppData\Local\Temp => moved successfully

==== End of Fixlog 20:25:32 ====

Re: kontrola logu- zpomalený pc, vnucený yahoo vyhledávač

Napsal: 01 říj 2018 19:53
od Rudy
To je mi líto, běžně to FRST nedělá. Nastala nějaká změna?
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz